Search
Keyword: pe_kaze.4236
This malware was involved in an attack targeting Banco de Brasil users during May 2013. It claimed itself to be a customized online banking browser that would allow users to access their accounts
target host files. It avoids infecting files that contain the following strings in their names: OTSP WC32 WCUN WINC It avoids infecting the following files: .DLL files PE Files with _win section name Files
This file infector arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It may be dropped by other malware. It prepends
This file infector arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It uses Windows Task Scheduler to create a
It avoids infecting the following files: .DLL files PE Files with _win section name Files with infection marker Backdoor Routine This file infector connects to any of the following IRC server(s):
This file infector arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This file infector arrives on a
This file infector arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This file infector arrives on a
This file infector arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It infects by appending its code to target host
Trend Micro has flagged this file infector as noteworthy due to the increased potential for damage, propagation, or both, that it possesses. Specifically, this is a new LICAT variant that uses a
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It disables Task Manager, Registry Editor, and Folder
This file infector infects by inserting its code to unused space in host files. Autostart Technique This file infector drops the following file(s) in the Windows Startup folder to enable its
This file infector may be downloaded by other malware/grayware/spyware from remote sites. It may be manually installed by a user. It infects by appending its code to target host files. Arrival
This file infector executes the dropped file(s). As a result, malicious routines of the dropped files are exhibited on the affected system. Dropping Routine This file infector drops the following
This file infector arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It prepends its codes to target files. It creates
This spyware may be dropped by other malware. It uses the Windows Task Scheduler to add a scheduled task that executes the copies it drops. It does not have any propagation routine. It connects to
This spyware may be dropped by other malware. It uses the Windows Task Scheduler to add a scheduled task that executes the copies it drops. It does not have any propagation routine. It connects to
This spyware arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It connects to certain websites to send and receive
This spyware arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It does not have any propagation routine. It connects
This spyware arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It may be dropped by other malware. It connects to
This spyware arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It may be dropped by other malware. It connects to