Search
Keyword: URL
following URL: http://wmi.my{BLOCKED}u:8888/kill.html It access the following URL where it downloads a file and then execute: http://wmi.my{BLOCKED}u:8888/test.html However, as of this writing, the said sites
The URL where this malware downloads the said file depends on the parameter passed on to it by its components. Exploit:Java/CVE-2012-1723 (Microsoft), Java/Exploit.Agent.NMN trojan (NOD32),
Server 2003, or C:\Users\{user name}\AppData\Local\Temp on Windows Vista and 7.) It downloads a possibly malicious file from a certain URL. The URL where this malware downloads the said file depends on the
Description Name: Data-stealing malware - URL used as drop site - HTTP (Request) . This is Trend Micro detection for packets passing through HTTP network protocols that can be used as N/A. This also indicates a malware infection. Below are some indic...
Server 2003, or C:\Users\{user name}\AppData\Local\Temp on Windows Vista and 7.) It downloads a possibly malicious file from a certain URL. The URL where this malware downloads the said file depends on the
functions. This browser plug-ins checks for the value of the following: SCode URL Epoch S/Kryptik.ATB trojan (ESET-NOD32), JS:Trojan.Script.CMT (BitDefender) Downloaded from the Internet, Dropped by other
Verifier Cache Remote Code Execution (CVE-2012-1723) It downloads a possibly malicious file from a certain URL. The URL where this malware downloads the said file depends on the parameter passed on to it by
URL. The URL where this malware downloads the said file depends on the parameter passed on to it by its components. Other Details This Trojan requires its main component to successfully perform its
a file from a certain URL then renames it before storing it in the affected system. As of this writing, the said sites are inaccessible. Arrival Details This Trojan arrives as an attachment to email
malicious file: https://{BLOCKED}ntation.com:443/{pseudo-random characters} It saves downloaded files into certain folders. Other Details This Trojan does the following: It accesses a URL that is
or as a file downloaded unknowingly by users when visiting malicious sites. Download Routine This Trojan downloads the file from the following URL and renames the file when stored in the affected
a file from a certain URL then renames it before storing it in the affected system. As of this writing, the said sites are inaccessible. Arrival Details This Trojan arrives as an attachment to email
file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Other Details This spyware does the following: Opens the following possibly malicious url in the
clicked, it connects to the malicious URL and executes the downloaded file. It displays a message box once the downloaded file is successfully run. Spammed via email Connects to URLs/IPs, Downloads files,
a file from a certain URL then renames it before storing it in the affected system. As of this writing, the said sites are inaccessible. Arrival Details This Trojan arrives as an attachment to email
them to click on the malicious URL http://www.{BLOCKED}a.com/uu/xlsx/view.php . However, as of this writing, the said site is inaccessible. Spammed via email, Downloaded from the Internet Connects to
visiting malicious sites. Download Routine This Trojan downloads the file from the following URL and renames the file when stored in the affected system: http://{BLOCKED}la.com/fwltxgf.exe It saves the files
CVE-2008-1368 CRLF injection vulnerability in Microsoft Internet Explorer 5 and 6 allows remote attackers to execute arbitrary FTP commands via an ftp:// URL that contains a URL-encoded CRLF (%0D%0A)
file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Download Routine This Trojan downloads the file from the following URL and renames the file when
This Trojan does the following: It disguises itself as a login page to confirm a shipment. It displays a fake error message upon signing in. It connects to the following URL to get the image for the fake