Search
Keyword: W2KM_MONALIS
Provider HKEY_CURRENT_USER\SOFTWARE\Microsoft\ Protected Storage System Provider\S-1-5-20 HKEY_CURRENT_USER\Software\Microsoft\ Protected Storage System Provider\S-1-5-20\Data 2 HKEY_CURRENT_USER\Software
This worm arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This worm arrives on a system as a file
registry entries: HKEY_CURRENT_USER\Software\Microsoft\ Windows\CurrentVersion\Explorer\ Advanced Hidden = 2 (Note: The default value data of the said registry entry is 2 .) HKEY_LOCAL_MACHINE\SOFTWARE
\SYSTEM\CurrentControlSet\ Services\mnmsrvc Start = 2 (Note: The default value data of the said registry entry is 3 .) HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\ Services\NtmsSvc Start = 2 (Note: The
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It modifies the Internet Explorer Zone Settings. It
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Trojan arrives on a system as a
This malware is a variant of the SOREBRECT malware that Trend Micro discovered on June 2017. It sports fileless, code-injecting capabilities. Users affected by this malware may find their critical
System Modifications This Trojan adds the following registry keys: HKEY_CURRENT_USER\Software\{UID} It adds the following registry entries: HKEY_CURRENT_USER\Software\{UID} {random 2 characters} = "{RSA
This worm may be downloaded by other malware/grayware/spyware from remote sites. It uses the Windows Task Scheduler to add a scheduled task that executes the copies it drops. It executes commands
This Ransomware arrives as an attachment to email messages spammed by other malware/grayware or malicious users. It arrives on a system as a file dropped by other malware or as a file downloaded
This worm arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This worm arrives on a system as a file
\bfb396eaa9cf prj = "2" It adds the following registry keys as part of its installation routine: HKEY_CURRENT_USER\Software\bfb396eaa9cf Download Routine This Trojan connects to the following website(s) to
This spyware arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This spyware arrives on a system as a
This Coinminer arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It does not have any backdoor routine. It gathers
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. However, as of this writing, the said sites are
This worm arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This worm arrives on a system as a file
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Trojan arrives on a system as a
This backdoor arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This backdoor arrives on a system as a
of the said registry entry is 2 .) HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\ Services\helpsvc Start = "4" (Note: The default value data of the said registry entry is 2 .) HKEY_LOCAL_MACHINE\SYSTEM
This worm arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This worm arrives on a system as a file