Search
Keyword: unauthorized file encryption
sensitive online banking information, such as user names and passwords. This routine risks the exposure of the user's account information, which may then lead to the unauthorized use of the stolen data.
It arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It adds registry entries to enable its automatic execution at
following after encryption Ransomware Routine This Ransomware avoids encrypting files with the following strings in their file name: NTUSER.DAT AppData\Roaming Recycle.Bin pagefile.sys swapfile.sys worm.exe
This Ransomware arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It drops files as ransom note. Arrival Details This
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. However, as of this writing, the said sites are
HKEY_CURRENT_USER\Software\akocfg aid = .{Appended File Extension} Dropping Routine This Ransomware drops the following files: {Encrypted Path}\do_not_remove_ako.{6 Random Characters}_id.key → encryption key
This Ransomware arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It drops files as ransom note. It avoids encrypting
This Ransomware arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It drops files as ransom note. It avoids encrypting
not delete parameters from $_GET and $_POST when it is cleansing $_REQUEST, but later accesses $_GET and $_POST using the getQueryParam function, which allows remote attackers to bypass encryption and
This spyware arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It attempts to steal sensitive online banking
This spyware arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It attempts to steal sensitive online banking
This spyware arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It attempts to steal sensitive online banking
This Ransomware arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It drops files as ransom note. It avoids encrypting
visiting malicious sites. Installation This Ransomware drops the following files: {Encrypted File Directory}\{GUID}.lock =>{Deleted after encryption in the directory} Other System Modifications This
files will remain unusable. It is detected to use RSA 2048 asymmetric encryption to encrypt said files, making it impossible for the files to be decrypted without paying the ransom. To get a one-glance
Ghostscript Remote Code Execution Vulnerability (CVE-2018-16509) - 1 1009560 - Ghostscript Unauthorized Code Execution Vulnerability (CVE-2019-6116) - 1 Web Application Tomcat 1002707* - Apache Tomcat
This family of backdoors and Trojans attempt to communicate to various AdFraud servers to access different advertisements in a hidden desktop. BEDEP contains heavy encryption and disguises itself as a
This Ransomware arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It is capable of encrypting files in the affected
This Ransomware arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It deletes itself after execution. Arrival Details
This spyware arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It attempts to steal sensitive online banking