Search
Keyword: usoj_proxy.bcw
and use proxy settings Sleep for an amount of time It connects to the following URL(s) to send and receive commands from a remote malicious user: http://bueam.{BLOCKED}brea.com/{uri}.asp?{random string}
writing, the said sites are inaccessible. Information Theft This backdoor accepts the following parameters: base64 encoded string containing the username and password of the proxy server of the infected
This adware arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This adware arrives on a system as a
version Get processor information Get drive information Get and use proxy settings Sleep for an amount of time It connects to the following URL(s) to send and receive commands from a remote malicious user:
This Trojan arrives as an attachment to email messages spammed by other malware/grayware or malicious users. It arrives on a system as a file dropped by other malware or as a file downloaded
Use proxy server settings of current user It connects to the following URL(s) to send and receive commands from a remote malicious user: www.ev.{BLOCKED}a.jp/blog/index.php Other Details This backdoor
This backdoor may be dropped by other malware. It does not have any propagation routine. It executes commands from a remote malicious user, effectively compromising the affected system. It does not
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Trojan arrives on a system as a
following commands from a remote malicious user: Creates a proxy connection Gather information from past created proxy connection Close socket of proxy connection Modify its added registry entries value and
CVE-2012-4776,MS12-074 The Web Proxy Auto-Discovery (WPAD) functionality in Microsoft .NET Framework 2.0 SP2, 3.5, 3.5.1, 4, and 4.5 does not validate configuration data that is returned during
for proxy configuration (only for Yam Miner): /usr/bin/.proxy /tmp/.proxy No proxies used if the files above are not present. It executes the following commands to run XMRig miner: {parameter2}/.xmrig
malicious user: Creates a proxy connection Gather information from past created proxy connection Close socket of proxy connection Modify its added registry entries value and svalue Download and execute
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It modifies registry entries to disable various system
Propagation This backdoor does not have any propagation routine. Backdoor Routine This backdoor executes the following commands from a remote malicious user: Download and execute arbitrary files Use proxy
environment variable using the Proxy HTTP header. This vulnerability may be exploited by a remote attacker to redirect traffic through an attacker controlled proxy, potentially leading to a man-in-the-middle