Search
Keyword: bkdr_bifrose.dli
Description Name: REMOSH - TCP . This is Trend Micro detection for packets passing through TCP network protocols that can be used as Command and Control Communication. This also indicates a malware infection. Below are some indicators of an infected ...
This Trojan may be downloaded by other malware/grayware from remote sites. It does not have any propagation routine. It requires its main component to successfully perform its intended routine. This
This backdoor may arrive bundled with malware packages as a malware component. It executes commands from a remote malicious user, effectively compromising the affected system. Arrival Details This
This backdoor arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It does not have any propagation routine. It executes
http://SJC1-TE-CMSAP1.sdi.trendnet.org/dumpImages/1812201284728.jpeg Cybercriminals employ various methods for stealing information, with social engineering and malware infection being the most
http://SJC1-TE-CMSAP1.sdi.trendnet.org/dumpImages/2692012101853.jpeg In the past, cybercriminals have crafted malicious files that exhibit explicit behavior such as in the case of FAKEAV, ransomware,
This backdoor is related to the spammed message about the Gaddafi Death picture. To get a one-glance comprehensive view of the behavior of this Backdoor, refer to the Threat Diagram shown below. Upon
This backdoor may be dropped by other malware. It injects its dropped file/component to specific processes. It executes commands from a remote malicious user, effectively compromising the affected
This backdoor may be dropped by other malware. It connects to a website to send and receive information. Arrival Details This backdoor may be dropped by the following malware: TROJ_ARTIEF.LN
This report is based on several samples detected by the one-to-many detection of BKDR_POISON.VA. This backdoor arrives contained inside a self-extracting archive (RAR SFX) and attached in email
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It executes the dropped file(s). As a result, malicious
This backdoor is a part of a Bitcoin mining malware. It is used to perform DDoS attacks and aids other component malware in stealing Bitcoins from targeted entities. To get a one-glance comprehensive
This backdoor performs HTTP GET requests to certain servers to download malicious files. It acts as a proxy server to intercept requests of Internet browsers and points them to the proxy server on
This backdoor may be dropped by other malware. It connects to a website to send and receive information. Arrival Details This backdoor may be dropped by the following malware: TROJ_PIDIEF.DRP
This backdoor may be dropped by other malware. It executes commands from a remote malicious user, effectively compromising the affected system. It connects to a website to send and receive
This description is based is a compiled analysis of several variants of BKDR_DARKMOON. Note that specific data such as file names and registry values may vary for each variant. This backdoor arrives
This backdoor may be dropped by other malware. It executes commands from a remote malicious user, effectively compromising the affected system. It logs a user's keystrokes to steal information. It
This backdoor may be dropped by other malware. It executes commands from a remote malicious user, effectively compromising the affected system. It connects to a website to send and receive
This malware arrives as an executable file infected by a file infector malware detected as PE_SALITY.AC. This consequently executes both payloads of BKDR_RILER.SVR and PE_SALITY.AC on the affected
This backdoor does not have any propagation routine. This backdoor may be dropped by other malware. It executes commands from a remote malicious user, effectively compromising the affected system. It