Search
Keyword: bkdr_back.b
This potentially unwanted application arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. However, as of this writing,
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Trojan arrives on a system as a
sending information about the infection back to the server: http://page/sam/{BLOCKED}x.php?selection={encrypted data} {encrypted data} is the number of files that is overwriten by the malware. This is taken
file contains the number of files to be compromised. It is used for reporting to its server. The file %System%\netinit.exe is responsible for: sending information about the infection back to the server
malicious script. It does the following: It checks if it's running in Windows or NixOS May execute an obfuscated PERL script that is used for back connection It requires certain parameters such as ip and port
This Trojan is responsible for sending information about the infection back to its server. This worm may be dropped by other malware. It connects to certain websites to send and receive information.
This Ransomware arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Ransomware arrives on a system
This Ransomware arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It is capable of encrypting files in the affected
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It deletes the initially executed copy of itself.
This Potentially Unwanted Application arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This
restore/ delete the drop copy of itself and back to original legitimate file. It deletes itself after execution. Executes the following commands to gather information: %System%\arp.exe -a %System%
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Trojan arrives on a system as a
This is a backdoor builder written in Java. It has been seen as a free download in underground forums. This opens a possibility that malicious users may use this tool to create a connect-back client
CVE-2007-6203 Apache HTTP Server 2.0.x and 2.2.x does not sanitize the HTTP Method specifier header from an HTTP request when it is reflected back in a "413 Request Entity Too Large" error message,
vulnerability could allow elevation of privilege if an attacker reflects specially crafted JavaScript back to the browser of a targeted user. Read more here . (MS13-104) Vulnerability in Microsoft Office Could
JavaScript back to the browser of a targeted user. Microsoft Visual Studio Team Foundation Server 2013,ASP.NET SignalR 2.0.x,ASP.NET SignalR 1.1.x
This Trojan arrives as an attachment to email messages spammed by other malware/grayware or malicious users. It arrives on a system as a file dropped by other malware or as a file downloaded
This Ransomware arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It encrypts files with specific file extensions. It
This Ransomware arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It deletes itself after execution. It drops files as
}i.com/api/ip It does the following: Connects to the following URL to report back to its C&C server: http://api.{BLOCKED}i.com/api/report The downloaded file %Program Files%\Google\Chrome\Application\winhttp.dll