Search
Keyword: URL
file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Other Details This Trojan does the following: Connects to the following possibly malicious URL
hosted on a website and run when a user accesses the said website. Download Routine This Trojan downloads a possibly malicious file from a certain URL. The URL where this malware downloads the said file
malware/grayware or malicious users. Other Details This Trojan does the following: Displays the following: Employs social engineering tactic to trick the victims to manually access the following malicious URL either
Routine This Trojan downloads a possibly malicious file from a certain URL. The URL where this malware downloads the said file depends on the following parameter(s) passed on to it by its components:
}owtie.ru/system/logs/wp-verify.php It does the following: When users click the link on the PDF file, it accesses the said URL which is a phishing site, asking to fill out data to be stolen. Via email Steals information
}sparks.ph/images/bitspace_logo/logosncircles/logocircle.php http://{blocked}cechk.ru/secure.login/waw/mbna/ It does the following: When users click the link on the PDF file, it accesses the said URL which is a phishing site, asking to fill out data to be
of the loader variables maybe located in the website or URL hosting this SWF. Exploit:SWF/Axpergle.D (Microsoft) Downloaded from the Internet
malware/grayware or malicious users. NOTES: This malware tricks users to click on the link to view the PDF: Upon clicking the link, it accesses the URL http://{BLOCKED}onsultores.com/admin/img/adobe.php . The user
URL: http://cc.{blocked}dd.net/1.js It does the following: This script redirects the user to the said URL which contains advertisements that may be displayed on the user's browser.
}nd-kraemer.de/cijweh78fDFA It does the following: It executes the downloaded code from the URL using powershell. However, as of this writing, the said sites are inaccessible. Exploit:O97M/DDEDownloader.C (Microsoft);
user to the following URL either to steal credentials or download other files: accountmanagement1.box.com/{BLOCKED}/{BLOCKED}yaih33fpa7hqszrkpv15bqg5fq accountmanagement1.app.box.com/{BLOCKED}/{BLOCKED
possibly malicious URL in a web browser: https://c{BLOCKED}s.com/ipfs/bafkreiddros3nljwt5yor2q4bbelatvkn3aeygsjicq2heap63hdvffszu#n-k{BLOCKED}.jp It redirects the web browser to the following URL:
file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Other Details This Backdoor does the following: This backdoor connects to the following URL to
file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Other Details This Trojan does the following: It connects the user to the possibly malicious URL
Characters} FaviconURL = http://{BLOCKED}s.{BLOCKED}p.it/p/97238/wow_ico.png HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ Internet Explorer\SearchScopes\{Random Characters} URL = http://{BLOCKED}w.{BLOCKED}p.it/?q=
Number Control URL It will then access the control URL of the router depending on the discovered UPnP device: http://{control URL}/index.asp http://{control URL}/dlink/hwiz.html http://{control URL
Ransomware-related URLs are being sent via spam emails by posing as fake Dropbox links. The ruse makes the malicious URL hard to see, and uses the popularity of Dropbox to fool victims. Apart from
is a Java class file that is used to execute an exploit code. Once successful, it may download and execute a possibly malicious file from a certain URL. The URL where this malware downloads the said
hosted on a website and run when a user accesses the said website. Download Routine This Trojan downloads a possibly malicious file from a certain URL. The URL where this malware downloads the said file
antivirus called Antimalware Tool . It accesses the following URL to download the said rogue antivirus: {BLOCKED}s.co.be/{value} scheets.co.be/{value} --> However, the said site is currently inaccessible.