Search
Keyword: URL
This is the malicious URL that hosts the malware TSPY_LEGMIR.JW<SPAN style="FONT-FAMILY: 'Arial','sans-serif'; COLOR: #4a4a4a; FONT-SIZE: 9pt; mso-fareast-font-family: 'Times New Roman';
Upon execution, TROJ_AGENTT.TC displays a GUI indicating the installation of a rogue antivirus called Internet Protection. While doing so, it downloads its component file from this URL via HTTP GET.
URL component of the Facebook Top Profile Viewer ruse, which results to users spamming their Facebook contacts. It also creates an album called Instagram and tag users' contacts on Facebook.
URL component of the Facebook Top Profile Viewer ruse, which results to users spamming their Facebook contacts. It also creates an album called Instagram and tag users' contacts on Facebook.
URL component of the Facebook Top Profile Viewer ruse, which results to users spamming their Facebook contacts. It also creates an album called Instagram and tag users' contacts on Facebook.�
BKDR_POISON.BTA connects to this URL to send and receive commands from a remote malicious user. This malware uses DLL preloading, a technique more known to be utilized by PlugX .
NOTES: The Possible_SMPATCHBREXJS detection aims to detect browser extension component (normally with filename manifest.json ), where update URL is modified and pointed to hxxps://{BLOCKED}itscan[.
When accessed, this URL downloads a file detected as <SPAN style="FONT-FAMILY: 'Arial','sans-serif'; COLOR: #4a4a4a; FONT-SIZE: 9pt; mso-fareast-font-family: 'Times New Roman'; mso-ansi-language:
TROJ_VBINJECT.XG sends gathered information from an infected system to this URL via HTTP POST. This malware arrives as a malicious file dropped by TROJ_DROPPER.ZGD, which masquerades as a Facebook
ADW_EOREZO connects to this URL to display ads on the affected system. This malware is one of the "Printer Virus" that prints several lines of characters when executed on infected systems.
ADW_EOREZO connects to this URL to display ads on the affected system. This malware is one of the "Printer Virus" that prints several lines of characters when executed on infected systems.
ADW_EOREZO connects to this URL to display ads on the affected system. This malware is one of the "Printer Virus" that prints several lines of characters when executed on infected systems.
This malicious URL is used in a phishing attack that targets customers of the recent merger between ABN AMRO Bank NV (ABN AMRO Bank) and Fortis Bank (Nederland).
BKDR_LIFTOH.DLF connects to this URL to send and receive commands from a remote malicious user. It spreads by using two worms, which use multi-protocol IM apps like Quiet Internet Pager and Digsby.
This website is a phishing URL for Banco de Oro. Similar to other phishing sites, it also displays fake login page to steal user's credentials and use it for other malicious activities.
JS_OBFUSC.BEB redirects users to this URL if their computers have a particular Adobe Reader version installed. This malware is related to a spammed message that leverages the news on the "Royal Baby."
Visiting this malicious URL http://www.{BLOCKED}blackjack.com/view_photo.php and its shortened version http://{BLOCKED}w.ly/2d4Zb opens a dialog box will appear that prompts users to download and run
This malicious URL leverages Google as it supposedly offers free downloadable invites for the said new social networking site. Accessing the link leads to several redirections that resolve to an
BKDR_POISON.DOC connects to this URL to send and receive commands from a remote malicious user. These commands include capturing screen, audio and webcam, logging keystrokes, managing passwords, and
There is an absolute path traversal vulnerability in WordPress which allows remote attackers to read arbitrary files via a full path name in the URL parameter. Apply associated Trend Micro DPI Rules.