Search
Keyword: tspy_legmir
This spyware steals particular information and sends it to certain URLs via HTTP POST. It terminates itself if it finds certain processes in the affected system's memory. This spyware arrives on a
This spyware's dropped DLL components are injected to running processes in order to stay memory resident. It gathers system and network information by executing DOS commands via its dropped batch
This spyware is designed to steal system-related information and gather banking, social networking, email and instant messaging (IM) credentials. It is believed to be used in targeted attacks aimed
This spyware arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It creates an event. It deletes itself after execution.
This description is based is a compiled analysis of several variants of TSPY_DERUSBI. Note that specific data such as file names and registry values may vary for each variant. This spyware may be
This spyware arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It retrieves specific information from the affected
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It executes the downloaded files. As a result, malicious
This spyware arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This spyware arrives on a system as a
http://SJC1-TE-CMSAP1.sdi.trendnet.org/dumpImages/27102010104449.jpeg In October, TrendLabs SM reported on PE_LICAT.A-O , a new malware that inserts its code into .EXE files, turning them into the
This spyware may be downloaded by other malware/grayware from remote sites. It is injected into all running processes to remain memory resident. It does not have any propagation routine. It does not
This spyware arrives as a fake Adobe Flash Player update. It is spammed in email with subjects referring to WebEx and to PayPal. To get a one-glance comprehensive view of the behavior of this
This spyware arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This spyware arrives on a system as a
This spyware arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It may be dropped by other malware. It modifies the
This spyware arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It may be downloaded by other malware/grayware from
This spyware may be dropped by other malware. It connects to certain websites to send and receive information. Arrival Details This spyware may be dropped by the following malware: TROJ_ARTIEF.FU
This spyware steals particular information and sends it to certain URLs via HTTP POST. It terminates itself if it finds certain processes in the affected system's memory. This spyware arrives on a
This spyware arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It creates folders where it drops its files. It
This spyware belongs to a multi-component malware. It steals sensitive system information and sends the information to its C&C server. It downloads its component files from certain websites, where it
TSPY_PINCAV.GEK is the Trend Micro detection for the new banking Trojan family known as Tatanga. According to media reports, it is capable of hijacking the user’s banking session to automatically
Installation This spyware drops the following copies of itself into the affected system: %User Temp%\rbking.exe (Note: %User Temp% is the current user's Temp folder, which is usually C:\Documents and