Search

HackTool.Win32.NIRCMD.AB

This Hacking Tool arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Hacking Tool arrives on a

TSPY_ZBOT.ALR

\Microsoft\ Internet Account Manager\Accounts\Active Directory GC LDAP Server ID = "0" HKEY_CURRENT_USER\Software\Microsoft\ Internet Account Manager\Accounts\Bigfoot LDAP Server ID = "1" HKEY_CURRENT_USER

TSPY_FAREIT_EL1501E3.UVPM

\ Internet Account Manager\Accounts\Bigfoot LDAP Server ID = "1" HKEY_CURRENT_USER\Software\Microsoft\ Internet Account Manager\Accounts\VeriSign LDAP Server ID = "2" HKEY_CURRENT_USER\Software\Microsoft

ADW_Help24x7

}_is1 NoModify = "1" HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ Windows\CurrentVersion\Uninstall\ {B897520C-BD34-42FA-9644-3F03DE6B7783}_is1 NoRepair = "1" HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ Windows

PUA_PCOPTIMIZERPRO.GB

\CurrentVersion\Uninstall\ Optimizer Pro_is1 NoModify = "1" HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ Windows\CurrentVersion\Uninstall\ Optimizer Pro_is1 NoRepair = "1" HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ Windows

PUA.Win32.InstallCore.USMANHOBHX

\xd5\x01" HKEY_CURRENT_USER\Software\Microsoft\ RestartManager\Session0000 SessionHash = "{random characters}" HKEY_CURRENT_USER\Software\Microsoft\ RestartManager\Session0000 Sequence = "1

PUA.Win32.InstallCore.USMANHOBKX

= "{random characters}" HKEY_CURRENT_USER\Software\Microsoft\ RestartManager\Session0000 Sequence = "1" HKEY_CURRENT_USER\Software\Microsoft\ RestartManager\Session0000 RegFiles0000 = "\x00

(MS12-034) Combined Security Update for Microsoft Office, Windows, .NET Framework, and Silverlight (2681578)

Server 2008 R2 for x64-based Systems (Server Core Installation),Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core Installation)

RANSOM.LINUX.XBASH.A

neagrle 123456 admin root password 123123 123 1 {user} {user}{user} {user}1 {user}123 {user}2016 {user}2015 {user}! P@ssw0rd!! qwa123 12345678 test 123qwe!@# 123456789 123321 1314520 666666 woaini fuckyou

RANSOM.LINUX.XBASH.AE

bruteforce database servers: test neagrle 123456 admin root password 123123 123 1 {user} {user}{user} {user}1 {user}123 {user}2016 {user}2015 {user}! P@ssw0rd!! qwa123 12345678 test 123qwe!@# 123456789 123321

TSPY_ZBOT.YUYAOE

\Accounts\Active Directory GC LDAP Server ID = "0" HKEY_CURRENT_USER\Software\Microsoft\ Internet Account Manager\Accounts\Bigfoot LDAP Server ID = "1" HKEY_CURRENT_USER\Software\Microsoft\ Internet Account

TSPY_ZBOT.YUYAEC

\ Internet Account Manager\Accounts\Bigfoot LDAP Server ID = "1" HKEY_CURRENT_USER\Software\Microsoft\ Internet Account Manager\Accounts\VeriSign LDAP Server ID = "2" HKEY_CURRENT_USER\Software\Microsoft

TSPY_ZBOT.YUYAGS

LDAP Server ID = "1" HKEY_CURRENT_USER\Software\Microsoft\ Internet Account Manager\Accounts\VeriSign LDAP Server ID = "2" HKEY_CURRENT_USER\Software\Microsoft\ Internet Account Manager\Accounts\WhoWhere

WORM_GOLROTED.YYZT

LDAP Server ID = "1" HKEY_CURRENT_USER\Software\Microsoft\ Internet Account Manager\Accounts\VeriSign LDAP Server ID = "2" HKEY_CURRENT_USER\Software\Microsoft\ Internet Account Manager\Accounts\WhoWhere

ADW_OPTIMIZER

\Software\Microsoft\ Windows\CurrentVersion\Uninstall\ PC Speed Maximizer_is1 It adds the following registry entries: HKEY_CURRENT_USER\Software\PC Speed Maximizer Language = "1" HKEY_CURRENT_USER\Software\PC

WORM_BRONTOK.MY

adds the following registry entries: HKEY_CURRENT_USER\Software\Policies\ Microsoft\Windows\System DisableCMD = "1" HKEY_CURRENT_USER\Software\Microsoft\ Internet Explorer\Main Window Title =

TROJ_RIGTOY.DAM

This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It deletes itself after execution. Arrival Details This

TROJ_WINSPY.CY

\SystemPack LLID = "1" HKEY_LOCAL_MACHINE\SOFTWARE\IntellRaidConfigurer LLID = "1" HKEY_LOCAL_MACHINE\SOFTWARE\NvVideo LLID = "1" HKEY_LOCAL_MACHINE\SOFTWARE\MSI64 LLID = "1" HKEY_LOCAL_MACHINE\SOFTWARE\MSI64

BKDR_FYNLOSKI.XXRI

LDAP Server ID = "1" HKEY_CURRENT_USER\Software\Microsoft\ Internet Account Manager\Accounts\VeriSign LDAP Server ID = "2" HKEY_CURRENT_USER\Software\Microsoft\ Internet Account Manager\Accounts\WhoWhere

TSPY_ZBOT.YYDGJ

= "0" HKEY_CURRENT_USER\Software\Microsoft\ Internet Account Manager\Accounts\Bigfoot LDAP Server ID = "1" HKEY_CURRENT_USER\Software\Microsoft\ Internet Account Manager\Accounts\VeriSign LDAP Server

Resources

Support

About Trend

Country Headquarters