Search
Keyword: troj_cryptesla
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Trojan arrives on a system as a
This malware has received attention from independent media sources and/or other security firms. It exploits CVE-2009-3129 to drop another malware that then drops a backdoor application. The backdoor
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It deletes itself after execution. Arrival Details This
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It deletes itself after execution. Arrival Details This
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It deletes itself after execution. Arrival Details This
This worm checks if Mozilla Thunderbird is installed in the affected system. It checks for the SMTP server used by this application by checking the file prefs.js and use it to send email messages
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It disables Task Manager, Registry Editor, and Folder
This Trojan may be unknowingly downloaded by a user while visiting malicious websites. It executes the files it drops, prompting the affected system to exhibit the malicious routines they contain.
This Trojan may be dropped by other malware. Arrival Details This Trojan may be dropped by other malware. Installation This Trojan drops the following files: %User Profile%\Application Data\fs.mp3
This Trojan executes the dropped file(s). As a result, malicious routines of the dropped files are exhibited on the affected system. This Trojan takes advantage of software vulnerabilities to allow a
This Trojan may be dropped by other malware. It modifies registry entries to enable its automatic execution at every system startup. Arrival Details This Trojan may be dropped by the following
This Trojan arrives as an attachment to email messages spammed by other malware/grayware/spyware or malicious users. It arrives on a system as a file dropped by other malware or as a file downloaded
Trend Micro has flagged this Trojan as noteworthy due to the increased potential for damage, propagation, or both, that it possesses. Specifically, it exploits a 0-day vulnerability in Adobe Flash
It enumerates running services and randomly chooses a service name to use as its file name. This Trojan may be dropped by other malware. It adds registry entries to enable its automatic execution at
This Trojan executes the dropped file(s). As a result, malicious routines of the dropped files are exhibited on the affected system. This Trojan takes advantage of software vulnerabilities to allow a
It takes advantage of certain vulnerabilities. Dropping Routine This Trojan drops the following files: %User Temp%\winword.exe - detected as TROJ_DINGU.B (Note: %User Temp% is the current user's Temp
To get a one-glance comprehensive view of the behavior of this Trojan, refer to the Threat Diagram shown below. This Trojan arrives as attachment to mass-mailed email messages. It may be downloaded
It may be dropped by other malware. It executes the downloaded files. As a result, malicious routines of the downloaded files are exhibited on the affected system. Arrival Details It may be dropped
This Trojan is found to have an increased potential for damage, propagation, or both. Specifically, it has the ability to filter and block an infected system's connection to the cloud. To get a
This Trojan may be dropped by other malware. It adds registry entries to enable its automatic execution at every system startup. It disables antivirus services. This is done to allow this malware to