PREVIOUS
PREVIOUS
  • RANSOM_WALTRIX.C

    This ransomware, known as CryptXXX, is a .DLL file that is capable of locking screens.
    Read more   

  • TSPY_TOXIFBNKR.A

    This malware is involved in the global financial network transfer system Swift hacking incident of April-May 2016. It has certain routines that are tailored to take advantage of the SWIFT messaging network in order to steal funds.
    Read more   

  • TSPY_BRUTER.A

    This malware is involved in the global financial network transfer system Swift hacking incident of April-May 2016. It is a crucial component of the malware that performs the SWIFT message tampering that then causes financial theft.
    Read more   

  • RANSOM_SHUJIN.A

    This ransomware attempts to bait Chinese users by using Chinese language in its ransom notes and interface.To get a one-glance comprehensive view of the behavior of this Trojan, refer to the Threat Diagram shown below.
    Read more   

  • TROJ_LOCKY.DLDRA

    This malware is seen being distributed by the Magnitude Exploit Kit. It exploits a vulnerability in the Windows kernel (CVE-2015-1701) to download a LOCKY ransomware.
    Read more   

  • PDF_FAREIT.BYX

    This is the detection for a malicious PDF file that executes Windows PowerShell via its OpenAction event to download a spyware. As a result, the routines of the spyware are exhibited on the affected system.
    Read more   

  • RANSOM_JIGSAW.A

    This ransomware, discovered in April 2016, deletes the files it encrypts on a set time interval should the affected user delay payment. It also uses pornographic imagery in is routines.
    Read more   

  • RANSOM_LOCKY.PUY

    This ransomware is delivered via the Magnitude exploit kit exploiting the Adobe Flash Player vulnerability CVE-2016-1019.To get a one-glance comprehensive view of the behavior of this Trojan, refer to the Threat Diagram shown below.
    Read more   

  • RANSOM_CRYPSAM.C

    SAMSAM is the latest ransomware variant that hit healthcare industry, specifically the Kentucky Hospital. Based on reports, this malware is distributed via unpatched servers, instead of the usual infection vectors such as malicious websites or email attachments.
    Read more   

  • RANSOM_CRYPSAM.B

    SAMSAM is the latest ransomware variant that hit healthcare industry, specifically the Kentucky Hospital. Based on reports, this malware is distributed via unpatched servers, instead of the usual infection vectors such as malicious websites or email attachments.
    Read more   

PREVIOUS
PREVIOUS