PREVIOUS
PREVIOUS
  • RANSOM_EDGELOCKER.A

    This malware,discovered late December 2016, has been found to be connecting to a bitcoin transaction site as part of its malicious routines. Users affected by this malware may find their critical documents and files encrypted, which may cause data loss.
    Read more   

  • TROJ_KILLDISK.C

    This malware is related to the recent BlackEnergy targeted attacks that affected industries in Ukraine. To get a one-glance comprehensive view of the behavior of this Trojan, refer to the Threat Diagram shown below.
    Read more   

  • RTKT64_BLACKEN.C

    This malware is related to the recent BlackEnergy targeted attacks that affected industries in Ukraine.To get a one-glance comprehensive view of the behavior of this Rootkit, refer to the Threat Diagram shown below.
    Read more   

  • TROJ_KILLDISK.X

    This malware is related to the recent BlackEnergy targeted attacks that affected industries in Ukraine. To get a one-glance comprehensive view of the behavior of this Trojan, refer to the Threat Diagram shown below.
    Read more   

  • BKDR_BLACKEN.C

    To get a one-glance comprehensive view of the behavior of this Backdoor, refer to the Threat Diagram shown below.This backdoor may be dropped by other malware.
    Read more   

  • RTKT_BLACKEN.C

    This malware is related to the recent BlackEnergy targeted attacks that affected industries in Ukraine.To get a one-glance comprehensive view of the behavior of this Rootkit, refer to the Threat Diagram shown below.
    Read more   

  • BKDR_BLACKEN.B

    This malware is the final payload to the recent BlackEnergy targeted attacks that affected industries in Ukraine. The threat actors behind this attack normally use Excel files as part of their social engineering lure.
    Read more   

  • RANSOM_MEMEKAP.A

    This is the detection for another variant of ransomware dubbed as “magic ransomware,” which may be the updated version of EDA2. EDA2 is an open source ransomware created by Utkusen.
    Read more   

  • RANSOM_CRYPTRITU.A

    This is the Trend Micro detection for the latest variant of ransomware that is written in JavaScript. Based on reports, it has capabilities to run on Windows, Mac OS X and Linux.
    Read more   

  • RANSOM_CRYPTESLA.YYSIX

    This malware is related to the compromised blog page of the UK news media website, "The Independent." Users who visited the hacked page are redirected to sites hosting Angler Exploit Kit.
    Read more   

PREVIOUS
PREVIOUS