Search
Keyword: URL
downloaded files are exhibited on the affected system. NOTES: This Trojan downloads a possibly malicious file from a certain URL. The URL where this malware downloads the file depends on the parameter ur0l0
intended routine. NOTES: This is a malicious Java archive file (.JAR), which attempts to download and execute possibly malicious file from a certain website. The URL where this malware downloads the said
The URL where this malware downloads the said file depends on the parameter passed on to it by its components. Exploit:Java/CVE-2012-1723.AC (Microsoft), Exploit.Java.CVE-2012-0507.nh (Kaspersky),
This backdoor connects to a certain URL to send and receive commands from a remote malicious user. It gathers certain information and sends the gathered information via HTTP POST to a specific URL.
The URL where this malware downloads the said file depends on the parameter passed on to it by its components. It determines the type of the downloaded file, whether .EXE or .DLL, and saved it as
below: CVE-2012-0507 NOTES: It downloads from the URL specified in the parameter b that the web page hosting the virus provides and executes the downloaded file. As a result, malicious routines of the
Server 2003.) NOTES: This is a Java class file that is used to execute an exploit code. Once successful, it may download a possibly malicious file from a certain URL. The URL where this malware downloads
on a website and run when a user accesses the said website. Download Routine This Trojan downloads a possibly malicious file from a certain URL. The URL where this malware downloads the said file
visiting malicious websites. Download Routine This Trojan downloads the file from the following URL and renames the file when stored in the affected system: http://{BLOCKED}center.ru/dbanner.png It saves the
website and run when a user accesses the said website. Download Routine This Trojan downloads a possibly malicious file from a certain URL. The URL where this malware downloads the said file depends on the
by a user while visiting malicious websites. Download Routine This Trojan downloads the file from the following URL and renames the file when stored in the affected system: http://{BLOCKED}.{BLOCKED
\Temp on Windows 2000, XP, and Server 2003, or C:\Users\{user name}\AppData\Local\Temp on Windows Vista and 7.) It downloads a possibly malicious file from a certain URL. The URL where this malware
part of the Blackhole exploit kit. This Trojan downloads and executes a possibly malicious file from a certain URL. The URL where this malware downloads the said file depends on the parameter passed on
The URL where this malware downloads the said file depends on the parameter passed on to it by its components. Troj/JavaDl-OD (Sophos)
retrieves the game session ticket by getting the value of "-t" argument from running RobloxPlayerBeta.exe process. It uses Discord Webhook URL to send the Roblox Cookie as an automated message to its Discord
file://{BLOCKED}.{BLOCKED}.150.66/icon.png It also connects to the following URL to download file: http://{BLOCKED}.{BLOCKED}.116.217/images/logo/info_zKfSmJ+voZNLPQjPedpd2G7aRb9tf+gPVKNRffjd+XE=.png
checks the MAC address of the computer and generates an MD5 hash of it then compares it to a list. if found on the list, the malware downloads from the URL https://{BLOCKED}tfix.com/logo2.jpg?{MD5hash}. if
information-stealing capability. Other Details This Trojan does the following: It connects to the following URL upon execution: https://bit.ly/{BLOCKED}H which redirects to http://vip.{BLOCKED}heet.com:8080/open?id
Profile%\Pictures Internet login credentials such as Google Chrome It connects to the following URL to obtain the control server information from Pastebin: https://pastebin.com/raw/{BLOCKED}J
connects to the following URL to receive data using HTTP GET: http://sl.{BLOCKED}r.org/cj/?msg NOTES: However, as of this writing, the said sites are inaccessible. This malware arrives to the system as an