Search

" Other Details This Trojan deletes itself after execution. This report is generated via an automated analysis system. PWS:Win32/Fareit (Microsoft); Generic PWS.y!1ln (McAfee); Trojan.Gen (Symantec);

}.63.224/upd.jpg http://{BLOCKED}.63.224/joupd.jpg This report is generated via an automated analysis system. TrojanDownloader:Win32/Banload.ALK (Microsoft); Generic VB.ja (McAfee); Downloader (Symantec);

following possibly malicious URL: http://{BLOCKED}.237.248/update?{random characters} This report is generated via an automated analysis system. TrojanDownloader:Win32/Agent (Microsoft); Generic Downloader.h

{BLOCKED}lanolex.com/up.php?{random characters} http://{BLOCKED}subar.com/up.php?{random characters} This report is generated via an automated analysis system. Trojan:Win32/FakeSysdef (Microsoft); Generic

Description Name: Possible XML Information Disclosure - HTTP (Response) . This is Trend Micro detection for HTTP network protocol that manifests exploit activities and can be used for Point of Entry or Lateral Movement.The host exhibiting this type o...

Windows .exe binary. W32/Generic_PUA_PL (FORTINET); Generic PUA PL (PUA) (SOPHOS); Trojan.GenericKD.31891351 (BITDEFENDER) Downloaded from the Internet Displays message/message boxes

report is generated via an automated analysis system. PWS:Win32/Fareit.gen!C (Microsoft); Generic PWS.y!1el (McAfee); Trojan.Gen (Symantec); PAK:UPX, Trojan-PSW.Win32.Tepfer.adnp (Kaspersky);

via an automated analysis system. Trojan:Win32/Bumat!rts (Microsoft); Generic Downloader.d (McAfee); Trojan Horse (Symantec); Trojan-Clicker.Win32.Delf.cax (Kaspersky); Trojan-Clicker.Win32.Delf.cax

after execution. This report is generated via an automated analysis system. Backdoor:Win32/Simda (Microsoft); Generic FakeAlert.gp (McAfee); Trojan.FakeAV!gen94 (Symantec); Trojan.Win32.Yakes.rkr

" Other Details This Trojan deletes itself after execution. This report is generated via an automated analysis system. Backdoor:Win32/Simda (Microsoft); Generic BackDoor.aeo (McAfee); Trojan.Gen (Symantec);

Description Name: CVE-2016-0128 - Windows Downgrade Vulnerability - DCE-RPC . This is Trend Micro detection for SMB2 and DCE-RPC network protocol that manifests exploit activities and can be used for Point of Entry or Lateral Movement.The host exhibi...

Description Name: CVE-2012-0394 - APACHE STRUTS EXPLOIT - HTTP(Request) . This is Trend Micro detection for HTTP network protocol that manifests exploit activities and can be used for Point of Entry or Lateral Movement.The host exhibiting this type o...

Description Name: CVE-2018-12613 PHPMyAdmin Remote Code Execution Exploit - HTTP (Request) . This is Trend Micro detection for HTTP network protocol that manifests exploit activities and can be used for Point of Entry or Lateral Movement.The host exh...

Description Name: CVE-2013-2251 - APACHE STRUTS EXPLOIT - HTTP(Request) . This is Trend Micro detection for HTTP network protocol that manifests exploit activities and can be used for Point of Entry or Lateral Movement.The host exhibiting this type o...

Description Name: CVE-2017-0022 - Microsoft XML Information Disclosure - HTTP (Response) . This is Trend Micro detection for HTTP network protocol that manifests exploit activities and can be used for Point of Entry.The host exhibiting this type of n...

Description Name: CVE-2017-12149 - JBOSSAS COMMAND EXECUTION EXPLOIT - HTTP (Request) . This is Trend Micro detection for HTTP network protocol that manifests exploit activities and can be used for Point of Entry or Lateral Movement.The host exhibiti...

Description Name: Possible WEBLOGIC T3 RCE Exploit - TCP (Request) . This is Trend Micro detection for TCP network protocol that manifests exploit activities and can be used for Point of Entry or Lateral Movement.The host exhibiting this type of netw...

Description Name: CVE-2018-9995 Authentication Bypass Exploit - HTTP (Request) . This is Trend Micro detection for HTTP network protocol that manifests exploit activities and can be used for Point of Entry or Lateral Movement.The host exhibiting this...

Description Name: Android Debug Bridge Remote Code Execution - TCP (Request) . This is Trend Micro detection for TCP network protocol that manifests exploit activities and can be used for Point of Entry or Lateral Movement.The host exhibiting this ty...

Description Name: Possible EQUATED - Remote Code Execution - SMB (Request) . This is Trend Micro detection for SMB network protocol that manifests exploit activities and can be used for Point of Entry or Lateral Movement.The host exhibiting this type...