Search
Keyword: usoj_artief.doc
This malware exploits CVE-2012-0158 and uses a Tibetan-themed targeted campaign. To get a one-glance comprehensive view of the behavior of this Trojan, refer to the Threat Diagram shown below. This
This Trojan arrives as an attachment to email messages spammed by other malware/grayware or malicious users. It takes advantage of software vulnerabilities in certain software to drop malicious
dropped files are exhibited on the affected system. NOTES: Upon execution, it opens its dropped non-malicious DOC files to hide its malicious routines from the user. Exploit:Win32/CVE-2010-3333 (Microsoft);
This Trojan arrives as an attachment to email messages spammed by other malware/grayware or malicious users. It does not have any propagation routine. It executes the dropped file(s). As a result,
This Trojan may be unknowingly downloaded by a user while visiting malicious websites. Once a malware successfully exploits the said vulnerability, it causes certain actions to be done on the system.
This Trojan arrives as attachment to mass-mailed email messages. It executes the dropped file(s). As a result, malicious routines of the dropped files are exhibited on the affected system. Arrival
This Microsoft Word document malware uses social engineering methods to lure users into performing certain actions that may, directly or indirectly, cause malicious routines to be performed.
This Trojan arrives as an attachment to email messages mass-mailed by other malware/grayware or malicious users. It executes the downloaded files. As a result, malicious routines of the downloaded
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It executes the dropped file(s). As a result, malicious
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It executes the dropped file(s). As a result, malicious
This description is based on a compiled analysis of several variants of TROJ_ARTIEF. Note that specific data such as file names and registry values may vary for each variant. This Trojan arrives as
This Trojan arrives as an attachment to email messages spammed by other malware/grayware or malicious users. It arrives on a system as a file dropped by other malware or as a file downloaded
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. However, as of this writing, the said sites are
This Trojan arrives as an attachment to email messages spammed by other malware/grayware or malicious users. It arrives on a system as a file dropped by other malware or as a file downloaded
This Trojan arrives as an attachment to email messages spammed by other malware/grayware or malicious users. It arrives on a system as a file dropped by other malware or as a file downloaded
This Trojan arrives as an attachment to email messages spammed by other malware/grayware or malicious users. It arrives on a system as a file dropped by other malware or as a file downloaded
This malware used a Christmas-themed exploit document to deliver its payload, BKDR_GAMFRIC.A. The backdoor (MagicFire) is rarely seen in the wild possibly because its only use in targeted attacks. To
It takes advantage of the vulnerabilities in Microsoft Office that could allow remote code execution (MS10-087). Once it successfully exploits the said vulnerability, it drops a file detected as
Once a malware successfully exploits the said vulnerability, it causes certain actions to be done on the system. Installation This Trojan drops the following non-malicious file: c:\{ascii characters
non-malicious file: C:\DOC Dropping Routine This Trojan takes advantage of unknown vulnerabilities in the following software to drop malicious files: Microsoft Security Bulletin MS10-087 Other Details More