  • This backdoor uses several known websites to receive backdoor commands, facilitate communication of the commands, and upload files. This backdoor arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites.

  • This malware is a downloader used by the OceanLotus threat actor group. This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites.

  • This ransomware comes from a high-volume spam campaign that aims to deliver it to as many users as possible. This ransomware arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites.

  • This ransomware comes from a high-volume spam campaign that aims to deliver it to as many users as possible. This ransomware arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites.

  • This fileless malware connects to specific URLs to download PowerShell code and execute it. This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites.

  • This malware is implicated as an exploit for the zero-day vulnerability in Adobe Flash Player known as CVE-2018-15982. This exploit made its rounds via drive-by downloads.

  • This backdoor may arrive on the affected system via a ThinkPHP remote code execution exploit. This backdoor arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites.

  • This backdoor may spread to other devices by abusing a remote code execution exploit in Huawei routers. This backdoor arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites.

  • This malware connects to a specific post from a specific Twitter account. The image in the post hosts code that connects to a command and control server used by this malware to receive commands.

  • This malware is part of the Shadow Brokers' leaked tools and exploits. It targets Windows NT 4.