Search
Keyword: troj_wmighost.a
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Trojan arrives on a system as a
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It deletes itself after execution. Arrival Details This
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It deletes the initially executed copy of itself.
as a file downloaded from the following URLs: http://{BLOCKED}yeew.ru/bin/thootham.exe Installation This Trojan adds the following folders: %Application Data%\{random1} %Application Data%\{random2}
Upon execution, it displays a GUI indicating the installation of a rogue antivirus called Internet Protection. While doing so, it downloads its component file from the a certain URL via HTTP GET. If
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It connects to certain URLs. It may do this to remotely
Upon execution, it displays a GUI indicating the installation of a rogue antivirus called Internet Protection. While doing so, it downloads its component file from the a certain URL via HTTP GET. If
is found that a malicious server tries to inject sites with a .PHP script that is housed in a site called LizaMoon. To get a one-glance comprehensive view of the behavior of this Trojan, refer to the
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It does not have any propagation routine. It does not
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It may be manually installed by a user. It uses common
This Trojan may arrive bundled with malware packages as a malware component. It arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting
This Trojan displays fake alerts upon installation. It displays fake scanning results about disk errors. This Trojan arrives on a system as a file dropped by other malware or as a file downloaded
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It connects to certain URLs. It may do this to remotely
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It does not have any propagation routine. It does not
This Trojan arrives as an attachment to email messages spammed by other malware/grayware or malicious users. It arrives on a system as a file dropped by other malware or as a file downloaded
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It connects to certain URLs. It may do this to remotely
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. However, as of this writing, the said sites are
This is the Trend Micro detection for a 64-bit component of SIREFEF/ZEROACCESS family. This Trojan may arrive bundled with malware packages as a malware component. It may arrive as a file that
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It connects to certain URLs. It may do this to remotely
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It connects to certain URLs. It may do this to remotely