Search
Keyword: trojan backdoor
by users when visiting malicious sites. Backdoor Routine However, as of this writing, the said sites are inaccessible. Dropping Routine This Trojan drops the following files: %User Temp%\svchost.exe -
SWISYN is a Trojan family first spotted around 2009. It is known primarily as a malware that drops other malware and executes them on the system it affects. This causes the affected system to display
This backdoor arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It disables Task Manager, Registry Editor, and Folder
This backdoor arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It disables Task Manager, Registry Editor, and Folder
This backdoor arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This backdoor arrives on a system as a
This backdoor arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It does not have any propagation routine. It executes
connection from a remote host. Backdoor commands are passed as parameters to HTTP requests. PHP/Shellbot.6603 (AntiVir); Trojan Horse PERL/ShellBot.B (AVG); Backdoor.PHP.ALZ (Ikarus)
accesses the said website. However, as of this writing, the said sites are inaccessible. Arrival Details This Trojan may be hosted on a website and run when a user accesses the said website. Backdoor Routine
or as a file downloaded unknowingly by users when visiting malicious sites. It may be hosted on a website and run when a user accesses the said website. Backdoor Routine This Trojan executes the
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Trojan arrives on a system as a
HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\ Windows\CURRENTVERSION\Run {random} = rundll32.exe "%Windows%\{random}.dll",Startup Backdoor Routine This Trojan opens a random port to allow a remote user to connect to the
following processes: svchost.exe Backdoor Routine This Trojan connects to the following websites to send and receive information: http://{BLOCKED}.{BLOCKED}.252.245 As of this writing, the said sites are
Backdoor Routine This Trojan connects to the following websites to send and receive information: http://{BLOCKED}a.co.cc/ http://{BLOCKED}a.co.cc/ Compromises system security
{Malware File Name without Extension} imagepath = {Malware Path and File Name} Backdoor Routine This Trojan opens a random port to allow a remote user to connect to the affected system. Once a successful
unknowingly by users when visiting malicious sites. Backdoor Routine This Trojan executes the following commands from a remote malicious user: Arbitrary code execution It connects to the following websites to
Trojan Spy injects codes into the following process(es): svchost.exe spoolsv.exe Backdoor Routine This Trojan Spy connects to the following websites to send and receive information: {BLOCKED}.{BLOCKED
of this writing, the decrypted code is a backdoor as BACKDOOR.WIN32.QUSARRAT.B This Trojan checks if the file is executed using svchost . N/A Downloaded from the Internet
REMOSH is known as part of the Night Dragon attack in 2011. It targets mostly networks that belong to energy companies. It is a backdoor-hacking tool combination. The hacking tool acts as a Trojan
REMOSH is known as part of the Night Dragon attack in 2011. It targets mostly networks that belong to energy companies. It is a backdoor-hacking tool combination. The hacking tool acts as a Trojan
This backdoor arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It executes commands from a remote malicious user,