Search
Keyword: W2KM_DLOADR
This Trojan arrives as an attachment to email messages spammed by other malware/grayware or malicious users. It arrives on a system as a file dropped by other malware or as a file downloaded
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Trojan arrives on a system as a
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Trojan arrives on a system as a
This Trojan arrives as an attachment to email messages spammed by other malware/grayware or malicious users. It executes the dropped file(s). As a result, malicious routines of the dropped files are
This Trojan may be dropped by other malware. As of this writing, the said sites are inaccessible. Arrival Details This Trojan may be dropped by the following malware: X2KM_DROPPER.ND Installation
Spammers are leveraging the US Department of Treasury for its social engineering tactics. The email sample appears to be a notification from the Federal Reserve Bank regarding restrictions on wire
This spam campaign has two different sets of emails, both of which pretends to be an invoice email having attachments. The attachments are said to be paid by the recipients. However, these mails come
This Trojan arrives as an attachment to email messages spammed by other malware/grayware or malicious users. It may be downloaded from remote sites by other malware. It connects to certain websites
" HKEY_CURRENT_USER\Software\Microsoft\ IAM Server ID = "2" HKEY_CURRENT_USER\Software\Microsoft\ Windows\CurrentVersion\Internet Settings EnableSPDY3_0 = "0" Dropping Routine This Trojan Spy drops the following files
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Trojan arrives on a system as a
{IEE1F7440C4EA354A} = "2\x00\x00\x00" HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ Wow6432Node\CLSID\{11347ACA-6019-BD37-83C6-A3C16253F96A} mnvfeiICchnY = "by~uKUJ^{IR_Adbg~aQ`" HKEY_LOCAL_MACHINE\SOFTWARE\Classes
This worm arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It disables Task Manager, Registry Editor, and Folder
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It modifies files, disabling programs and applications
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It modifies files, disabling programs and applications
\shell\ runas HKEY_CURRENT_USER\N1j\shell\ runas\command HKEY_CURRENT_USER\Km HKEY_CURRENT_USER\Km\DefaultIcon HKEY_CURRENT_USER\Km\shell HKEY_CURRENT_USER\Km\shell\ open HKEY_CURRENT_USER\Km\shell\ open
%*" It modifies the following registry entries: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\ Services\SharedAccess Start = "4" (Note: The default value data of the said registry entry is 2 .)
This spyware arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It disables Task Manager, Registry Editor, and Folder
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It disables Task Manager, Registry Editor, and Folder
This worm arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It disables Task Manager, Registry Editor, and Folder
This Trojan Spy arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It connects to certain websites to send and receive