Search
Keyword: usojan.win32.whispergate.yxcax
This Potentially Unwanted Application arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Trojan arrives on a system as a
This worm arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This worm arrives on a system as a file
\win\jpg (Note: %System% is the Windows system folder, which is usually C:\Windows\System32.) It creates the following folders: %System%\win (Note: %System% is the Windows system folder, which is usually
dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Installation This worm drops the following copies of itself into the affected system: %System Root%\Win
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Trojan arrives on a system as a
This backdoor arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This backdoor arrives on a system as a
This Backdoor arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Backdoor arrives on a system as a
This Adware arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Adware arrives on a system as a
This miner figured in the fileless GhostMiner that uses WMI Objects. GhostMiner is known to kill competing other miner payloads. This Coinminer arrives on a system as a file dropped by other malware
This Backdoor arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Backdoor arrives on a system as a
This Trojan Spy arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Trojan Spy arrives on a system
This Trojan Spy arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Trojan Spy arrives on a system
This Trojan Spy arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Trojan Spy arrives on a system
This Trojan Spy arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Trojan Spy arrives on a system
This Trojan Spy arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Trojan Spy arrives on a system
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Trojan arrives on a system as a
{65D5AFFB-D4EF-49AA-GFFG-5DA5E12E300A} FLast = "%User Temp%\_$Df\DF6Wks.sib" HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ CLSID\{65D5AFFB-D4EF-49AA-GFFG-5DA5E12E300A} FNum = "32" HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ CLSID\
files: %AppDataLocal%\{Random 4}.exe %User Temp%\{Random 5}.tmp\wuauclt.exe -> detected as Coinminer-TOOLETN.A-WIN32 (for 32 bit systems) %User Temp%\{Random 5}.tmp\wuauclt.exe -> detected as
This worm uses Remote Desktop Protocol (RDP) for its propagation routines. This worm registers ntshrui.dll (copy of clb.dll) as a service by creating the a certain registry. It then adds this service