Search
Keyword: pe_luna
executed, this virus stores its codes in the Ring 0 Windows memory area to load itself in memory. It alters the PE file header so that the virus codes are accessed every time an infected file is executed. If
This spyware arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It uses Windows Task Scheduler to create a scheduled
This file infector executes the dropped file(s). As a result, malicious routines of the dropped files are exhibited on the affected system. File Infection This is the Trend Micro detection for files
following files: .DLL files PE Files with _win section name Files with infection marker Backdoor Routine This file infector connects to any of the following IRC server(s): ru.{BLOCKED}s.pl core.{BLOCKED
This spyware arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It uses the Windows Task Scheduler to add a scheduled
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Trojan arrives on a system as a
This Ransomware arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It executes then deletes itself afterward. It adds
http://SJC1-TE-CMSAP1.sdi.trendnet.org/dumpImages/121120125744.jpeg The most notorious file infectors of 2012— SALITY , XPAJ , MUSTAN , and QUERVAR —have different routines that make removal and
This file infector arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It creates folders where it drops its files. It
This file infector arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It prepends its codes to target files. Arrival
strings in their names: OTSP WC32 WCUN WINC It avoids infecting the following files: .DLL files PE Files with "_win" section name Files with infection marker Other Details This file infector connects to the
This malware is responsible for high infection numbers in EMEA, NABU, and China. To get a one-glance comprehensive view of the behavior of this File infector, refer to the Threat Diagram shown below.
This file infector executes the dropped file(s). As a result, malicious routines of the dropped files are exhibited on the affected system. File Infection This is the Trend Micro detection for files
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Trojan arrives on a system as a
This file infector is reported to be spreading massively in the US and Europe. There are two factors about this malware that can explain this spreading: this malware infects common files that are
This file infector opens a hidden instance of IEXPLORE.EXE and connects to remote sites to download and execute possible malicious file(s). Infected files are detected as follows: DLL and EXE files -
. This file infector may be dropped by other malware. It injects its dropped file/component to specific processes. It prepends its codes to target files. As of this writing, the said sites are
This file infector arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It appends its codes to target files. It exports
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It deletes the initially executed copy of itself.
This malware is a new LICAT variant that uses a different key for its domain generation algorithm. To get a one-glance comprehensive view of the behavior of this File infector, refer to the Threat