Search
Keyword: usoj_proxy.bcw
This Coinminer may be hosted on a website and run when a user accesses the said website. It uses the system's central processing unit (CPU) and/or graphical processing unit (GPU) resources to mine
This Coinminer arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It may be hosted on a website and run when a user
This Coinminer arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It may be hosted on a website and run when a user
%Program Files%\Bench\Updater %Program Files%\Bench\Updater\1.7.0.0 %Start Menu%\Programs\Browser Guardian %Program Files%\Bench\Proxy %User Profile%\Application Data\Protect %User Profile%\Protect
This Hacking Tool may be hosted on a website and run when a user accesses the said website. Arrival Details This Hacking Tool may be hosted on a website and run when a user accesses the said website.
Files%\Bench\BService\1.1 %Program Files%\Bench\Wd %Start Menu%\Programs\Browser Warden %Program Files%\Bench\Proxy (Note: %System Root% is the root folder, which is usually C:\. It is also where the
\ services\TCPSvc ImagePath = "%User Temp%\csrss\proxy\tor.exe" --nt-service -f "%User Temp%\csrss\proxy\config" --Log "notice file %User Temp%\csrss\proxy\t" HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet
This Ransomware arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It deletes itself after execution. Arrival Details
This Coinminer arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It may be hosted on a website and run when a user
This hacking tool is a free program from 3proxy . It is an HTTP/HTTPS proxy with FTP over HTTP support. It is used by other malware, specifically by VBS_PENEPE.C , in performing its backdoor
\CurrentControlSet\ Services\Proxy Session Routing Manager HKEY_LOCAL_MACHINE\System\CurrentControlSet\ Services\Proxy Session Routing Manager\Security HKEY_LOCAL_MACHINE\System\CurrentControlSet\ Services\Proxy
\CurrentControlSet\ services\Diagnostics Description = "Diagnostics service" HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\ services\Proxy Type = "10" HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\ services\Proxy Start =
proxy It requires the following files for the configuration of the proxy server: frpc.ini It accepts the following parameters: Usage: frpc [flags] frpc [command] Commands: completion → Generate the
This Potentially Unwanted Application arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This
a proxy server to allow remote malicious user to use the affected systems to hide their identities when performing malicious activities. It requires its main component to successfully perform its
This backdoor may be dropped by other malware. As of this writing, the said sites are inaccessible. It deletes itself after execution. Arrival Details This backdoor may be dropped by other malware.
This backdoor arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This backdoor arrives on a system as a
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\ Control\InitRegKey\Proxy It adds the following registry entries: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\ Control\InitRegKey\mod jpeg = "1" HKEY_LOCAL_MACHINE\SYSTEM
This backdoor initially queries certain registry entries to check if the system is running under a proxy server. Otherwise, without a proxy server, the malware will just keep on attempting to resolve
PROXY malware is known to act as a proxy server, allowing remote malicious users to utilize the affected systems in order to hide their identities when performing malicious activities. Its variants