Search
Keyword: bkdr_bifrose.dli
This backdoor arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This backdoor arrives on a system as a
This backdoor arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It executes commands from a remote malicious user,
This backdoor arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It connects to a website to send and receive
This backdoor may be downloaded by other malware/grayware/spyware from remote sites. It may be dropped by other malware. It may be unknowingly downloaded by a user while visiting malicious websites.
This malware acts as a proxy server to intercept requests of Internet browsers and point them to the proxy server on port 64323. It monitors Internet browser's activity to check for certain strings
This backdoor arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It deletes itself after execution. Arrival Details
This backdoor may be downloaded by other malware/grayware from remote sites. It uses Windows Task Scheduler to create a scheduled task that executes the dropped copy. Arrival Details This backdoor
This backdoor arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It may be downloaded from remote sites by other
This backdoor is a variant of the malware family BLYPT. It uses binary large objects (BLOB) to store information in the affected system's registry. It also utilizes encryption. Users affected by this
This backdoor may be downloaded by other malware/grayware/spyware from remote sites. It may be dropped by other malware. It may be unknowingly downloaded by a user while visiting malicious websites.
This backdoor arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It lowers the security setting of Internet Explorer.
This malware is related to a cyberespionage campaign that uses an Ichitaro zero-day vulnerability, or the Multiple Ichitaro Products Unspecified Remote Code Execution Vulnerability (CVE-2014-7247) To
This backdoor contains a list of user names and passwords which it uses in its attempt to grant access to the System Root folder of an infected machine. It also installs another backdoor on the
This backdoor may be dropped by other malware. It does not have any propagation routine. It runs certain commands that it receives remotely from a malicious user. Doing this puts the affected
This backdoor arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It runs certain commands that it receives remotely
This backdoor arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This backdoor arrives on a system as a
This backdoor arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It does not have any propagation routine. It executes
This backdoor may be unknowingly downloaded by a user while visiting malicious websites. It listens on ports. Arrival Details This backdoor may be unknowingly downloaded by a user while visiting
This backdoor arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It deletes the initially executed copy of itself.
This malware disguises as delivery receipts for well-known postal and delivery services firms and airlines. To get a one-glance comprehensive view of the behavior of this Backdoor, refer to the