Search
Keyword: URL
to click on a link to see her photos. When clicked, the links redirects the user to the URL http:{BLOCKED}.infored.mx , a dating site blocked by Trend Micro. Trend Micro now detects and blocks this
This URL leads to a phishing site designed to replicate the legitimate RuneScape website, which is a popular massive multi-player online (MMO) gaming site. Upon accessing the phishing site users are
the .PDF file shows a URL to fake NACHA sites, which are now classified under 'Disease Vector' due to possible malware download.
email to avoid the AOL account suspension This URL leads to a phishing website. This phishing site is currently blocked.
was Adultfinder an online community that offers free adult dating. Clicking the image redirects users to a website where a possibly executable file will automatically be downloaded. The malicious URL is
is a Java class file that is used to execute an exploit code. Once successful, it may download and execute a possibly malicious file from a certain URL. The URL where this malware downloads the said
is a Java class file that is used to execute an exploit code. Once successful, it may download and execute a possibly malicious file from a certain URL. The URL where this malware downloads the said
JS_SHELLCOD.JON Once this URL is accessed, it connects to the following site: http://rchfs.com/10/nuspc.php. It then redirect the user to http://www.google.com to hide its execution. It also downloads the following
download files. It requires a URL parameter where to connect to and download file from, and a file name parameter where to save the downloaded file. Trojan-Downloader.Java.Agent.ja (Kaspersky) Downloads
file. The URL where it downloads the file which may be base64 encoded is usually indicated in the HTML param tag. Downloads files
file from the URL specified in the parameter riversizer and saves it as %User Temp%\yr{random number}.exe . It then executes the downloaded file. (Note: %User Temp% is the current user's Temp folder,
bundled with malware/grayware packages. It executes when a user accesses certain websites where it is hosted. NOTES: This malware downloads from a URL specified in the parameter aaa . It then saves the
file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. NOTES: It contains a functions that attempts to connect to a certain URL to download a possibly
user accesses certain websites where it is hosted. Download Routine This Trojan downloads a possibly malicious file from a certain URL. The URL where this malware downloads the said file depends on the
component bundled with malware/grayware packages. It may be hosted on a website and run when a user accesses the said website. NOTES: This Trojan connects to a possibly malicious URL. The URL where this
Routine This Trojan saves the files it downloads using the following names: %TEMP%\{random numbers}.exe It downloads a possibly malicious file from a certain URL. The URL where this malware downloads the
of the loader variables maybe located in the website or URL hosting this SWF. Exploit:SWF/Axpergle.I (Microsoft) Downloaded from the Internet
does the following: It executes the downloaded code from the URL using powershell. However, as of this writing, the said sites are inaccessible. Trojan-Downloader.MSWord.Agent.asdfye (Kaspersky);
}al.de/cijweh78fDFA It does the following: It executes the downloaded code from the URL using powershell. However, as of this writing, the said sites are inaccessible. W97M.Downloader.M (Norton);
does the following: It executes the downloaded code from the URL using powershell. However, as of this writing, the said sites are inaccessible. Exploit:O97M/DDEDownloader.C (Microsoft);