Search
Keyword: worm_downad
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Trojan arrives on a system as a
http://SJC1-TE-CMSAP1.sdi.trendnet.org/dumpImages/27102010104449.jpeg In October, TrendLabs SM reported on PE_LICAT.A-O , a new malware that inserts its code into .EXE files, turning them into the
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Trojan arrives on a system as a
This adware arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This adware arrives on a system as a
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It requires its main component to successfully perform
Friends or Enemies? How Threats Disguise Their Network Traffic Five Years Old And Still On The Run: DOWNAD Under the Hood of BKDR_ZACCESS Perils of the Popular ZACCESS/SIREFEF Arrives with New Infection
LICAT are file infectors that exhibit ZEUS behaviors. Seen during the last quarter of 2010, these file infectors spread by infecting .EXE files. Some recent variants were seen to be distributed via
Description Name: Possible DOWNAD - Encrypted connection - TCP . This is the Trend Micro detection for malicious N/A network packet that manifest any of the following actions:CallbackThis attack is used for Command and Control Communication
This worm and its variant CODERED.B pose minimal risk to most PCs. It uses a remote buffer overflow vulnerability in Internet Information Service (IIS) Web Servers that can give system-level
http://SJC1-TE-CMSAP1.sdi.trendnet.org/dumpImages/2911201225434.gif The VOBFUS family of worms is known for their download and propagation routines, which allowed them to gain prominence, as can be
Upon execution, this worm sends an HTTP request to its C&C to download a file. It saves the downloaded file as %Current%\123.tmp , which contains a download link of a torrent file pointing to a
This worm arrives by connecting affected removable drives to a system. It may be downloaded by other malware/grayware/spyware from remote sites. It may be unknowingly downloaded by a user while
This worm arrives via peer-to-peer (P2P) shares. It arrives via removable drives. It arrives by accessing affected shared networks. It arrives on a system as a file dropped by other malware or as a
This worm drops copies of itself in all removable drives. It drops an AUTORUN.INF file to automatically execute the copies it drops when a user accesses the drives of an affected system. Installation
This worm drops copies of itself in all removable drives. It drops an AUTORUN.INF file to automatically execute the copies it drops when a user accesses the drives of an affected system. Installation
http://SJC1-TE-CMSAP1.sdi.trendnet.org/dumpImages/1712012103631.jpeg WORM_DORKBOT or NgrBot is an Internet Relay Chat (IRC) bot used for distributed denial-of-service (DDoS) attacks. It became
.ZIP, .RAR and .RAR SFX. Reminiscent of WORM_PROLACO , this worm can spread across password-protected archive files and bypass archive files’ built-in security. What does WORM_PIZZER.SM do to an infected
applications. This worm also downloads a backdoor, detected by Trend Micro as BKDR_BIFROSE.SMU . It also deletes services that disable antivirus applications, rendering the affected system unprotected.
This worm arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This worm may arrive via network shares.
This worm uses Remote Desktop Protocol (RDP) for its propagation routines. This worm registers ntshrui.dll (copy of clb.dll) as a service by creating the a certain registry. It then adds this service