Search
Keyword: unixliona1
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Trojan arrives on a system as a
\xa3\x13\xa5fR\xa6\xee\x16uxe\xe5\xdfQ\xdd+" HKEY_CURRENT_USER\Software\Microsoft\ RestartManager\Session0000 Sequence = "1" HKEY_CURRENT_USER\Software\Microsoft\ RestartManager\Session0000 RegFiles0000
\x01" HKEY_CURRENT_USER\Software\Microsoft\ RestartManager\Session0000 SessionHash = "{random characters}" HKEY_CURRENT_USER\Software\Microsoft\ RestartManager\Session0000 Sequence = "1
\Session0000 SessionHash = "{random characters}" HKEY_CURRENT_USER\Software\Microsoft\ RestartManager\Session0000 Sequence = "1" HKEY_CURRENT_USER\Software\Microsoft\ RestartManager\Session0000 RegFiles0000 =
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Trojan arrives on a system as a
= "1" Dropping Routine This Adware drops the following files: %AppDataLocal%\Microsoft\Internet Explorer\Recovery\High\Active\{85B8D76A-EC1C-11E9-B533-005056BC6F22}.dat %AppDataLocal%\Microsoft
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Trojan arrives on a system as a
" HKEY_CURRENT_USER\Software\Microsoft\ RestartManager\Session0000 Sequence = "1" HKEY_CURRENT_USER\Software\Microsoft\ RestartManager\Session0000 RegFiles0000 = "\x00\x00" HKEY_CURRENT_USER\Software\Microsoft
This Backdoor arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Backdoor arrives on a system as a
1.00 DisplayVersion = "1.00" HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\ Microsoft\Windows\CurrentVersion\ Uninstall\AntiCheat 1.00 VersionMajor = "1" HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\ Microsoft
This Trojan Spy arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Trojan Spy arrives on a system
This Trojan Spy arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Trojan Spy arrives on a system
minute /mo 1 /tn "Telemetry Logging" /tr "%Application Data%\Microsoft\Protect\oobeldr.exe" attrib.exe +H %ProgramData%\DNTException attrib.exe +H %ProgramData%\DNTException\node.exe %User Temp%
This Trojan Spy arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It logs a user's keystrokes to steal
registry entries: HKEY_CURRENT_USER\Software\Microsoft\ Internet Explorer\International\CpMRU Enable = "1" HKEY_CURRENT_USER\Software\Microsoft\ Internet Explorer\International\CpMRU Size = "a
\SOFTWARE\xpreapp It adds the following registry entries: HKEY_LOCAL_MACHINE\SOFTWARE\xpreapp execount = "1" Dropping Routine This Trojan drops the following files: %User Temp%\~DF74B5.tmp %User Profile%
\SOFTWARE\Clients\ NetworkAgentDriver t0_deb = "1" HKEY_LOCAL_MACHINE\SOFTWARE\Clients\ NetworkAgentDriver t0_sp = "092083117112098103093104112108117140146140141126134076075117" HKEY_LOCAL_MACHINE\SOFTWARE
Debugger = "0" HKEY_LOCAL_MACHINE\SOFTWARE\Policies\ Microsoft\Windows\CurrentVersion\ Internet Settings Security_HKLM_only = "1" HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ Internet Explorer\Security
\Software\Microsoft\ Windows\CurrentVersion\Uninstall\ Inno_is1 NoModify = "1" HKEY_CURRENT_USER\Software\Microsoft\ Windows\CurrentVersion\Uninstall\ Inno_is1 NoRepair = "1" HKEY_CURRENT_USER\Software
DisplayName = "523B2320" HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\ Services\523B2320 ErrorControl = "1" HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\ Services\523B2320 ImagePath = "%Windows%\Fonts\1B7AFA40.EXE -k