Search

This file infector drops an AUTORUN.INF file to automatically execute the copies it drops when a user accesses the drives of an affected system. Installation This file infector drops the following

executes the dropped file(s). As a result, malicious routines of the dropped files are exhibited on the affected system. It does not have any downloading capability. It does not have any information-stealing

drops an AUTORUN.INF file to automatically execute the copies it drops when a user accesses the drives of an affected system. It deletes the initially executed copy of itself. Arrival Details This worm

This Trojan arrives as a component bundled with malware/grayware packages. Arrival Details This Trojan arrives as a component bundled with malware/grayware packages. Installation This Trojan drops

Description Name: Possible DLOADER - HTTP (Request) - Variant 6 . This is Trend Micro detection for packets passing through HTTP network protocols that can be used as Point of Entry. This also indicates a malware infection. Below are some indicators ...

Description Name: Possible DLOADER - HTTP (Request) - Variant 4 . This is Trend Micro detection for packets passing through HTTP network protocols that can be used as Point of Entry. This also indicates a malware infection. Below are some indicators ...

This Trojan arrives as attachment to mass-mailed email messages. It enables its automatic execution at every system startup by dropping copies of itself into the Windows Common Startup folder.

This Trojan is used to load and execute a file. Arrival Details This Trojan may be downloaded from the following remote sites: http://{BLOCKED}9.{BLOCKED}8.107.129/yy.html http://{BLOCKED}9.{BLOCKED

encrypted files using the following names: {unique ID per victim}-{identifier}.zzzzz It does the following: It requires a specific parameter in order to perform its intended routine: "%System%\rundll32.exe" "

deletes shadow copies by executing the following command: vssadmin.exe Delete Shadows /Quiet /All It requires a specific parameter in order to perform its intended routine: "%System%\rundll32.exe" "{Malware

This Trojan arrives as an attachment to email messages spammed by other malware/grayware or malicious users. It executes the downloaded files. As a result, malicious routines of the downloaded files

TROJ_DLDR.HB connects to this URL to download a file and saves it as %System%\logda.dat . This malware is involved in the cyber attacks that targeted specific users in South Korea during March of

JS_DLOADER.SMGA may be downloaded from this site. JS_DLOADER.SMGA exploits a CVE-2012-1875 vulnerability in Internet Explorer .

Trojans or Trojan horse programs refer to a family of malware that carry payloads or other malicious actions that can range from the mildly annoying to the irreparably destructive. They can also

Other System Modifications It adds the following registry keys: a b=c (Note: The default value data of the said registry entry is d .)

Other Details Based on analysis of the codes, it has the following capabilities: This specially crafted PDF file contains an ebedded JavaScript that takes advantage of a vulnerability in Adobe

Other Details This Trojan is a zero-day exploit for the following vulnerability: Adobe Reader and Adobe Acrobat

Other Details This Trojan does the following: This is Trend Micro's detection for scripts that contains a malicious Java Script code. The said Java Script calls other malicious scripts hosted in the

Other Details Based on analysis of the codes, it has the following capabilities: The malware decodes a Base-64 encoded text in the host HTML file, then executes the decoded text.

This Trojan may be dropped by other malware. It executes the files it drops, prompting the affected system to exhibit the malicious routines they contain. Arrival Details This Trojan may be dropped