Search
Keyword: unauthorized file encryption
This Ransomware arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It executes then deletes itself afterward. It avoids
“Read-only” attribute of disk volumes -nobk ← Do not change the wallpaper of the infected machine. -thread={Number of threads per CPU} -at={yyyy/MM/dd HH:mm:ss} ← Specify local time when file encryption should
This Ransomware arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It drops files as ransom note. It avoids encrypting
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It modifies the Internet Explorer Zone Settings. It
to the Threat Diagram shown below. This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It may be downloaded by
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It may be downloaded by other malware/grayware from
comprehensive view of the behavior of this Trojan, refer to the Threat Diagram shown below. This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when
This Ransomware arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It drops files as ransom note. It avoids encrypting
parameters: -safe → reboots the system in safe mode before encryption Ransomware Routine This Ransomware avoids encrypting files with the following strings in their file path: $recycle.bin $windows.~bt
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It connects to a website to send and receive
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It does not have any propagation routine. It does not
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It modifies the Internet Explorer Zone Settings. It
1 Unix RPC Services 1009543 - Linux 'rpc.statd' Remote Format String Vulnerability (CVE-2000-0666) Web Application Common 1009560* - Ghostscript Unauthorized Code Execution Vulnerability
passwords. This routine risks the exposure of the user's account information, which may then lead to the unauthorized use of the stolen data. It attempts to steal information, such as user names and passwords,
the unauthorized use of the stolen data. It accesses the following site to download its configuration file: http://{BLOCKED}ayki.com/z/config.bin It attempts to access a website to download a file which
unauthorized use of the stolen data. Once users access any of the monitored sites, it starts logging keystrokes. It attempts to steal information, such as user names and passwords, used when logging into certain
This Ransomware arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It encrypts files with specific file extensions. It
This Ransomware arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It drops files as ransom note. It avoids encrypting
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It does not have any propagation routine. It does not
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It does not have any propagation routine. It does not