Search
Keyword: usojan.sh.brootkit.b
26826 Total Search |
Showing Results : 1 - 20
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It executes then deletes itself afterward. It executes
This Trojan deletes itself after execution. Arrival Details This malware arrives via the following means: Downloaded by Trojan.SH.BROOTKIT.A Installation This Trojan adds the following folders:
Arrival Details This malware arrives via the following means: Downloaded by Trojan.SH.BROOTKIT.A Other Details This Rootkit does the following: It is used by Trojan.SH.BROOTKIT.B for its rootkit
persistence: Path: /var/spool/cron/crontabs/ Schedule: Every 30 minutes Command: */30 * * * * sh /etc/newsvc.sh >/dev/null 2>&1 Disables Firewall Deletes the following user accounts: akay vfinder Stops
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It modifies files, disabling programs and applications
This Worm arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Worm arrives on a system as a file
This Worm arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Worm arrives on a system as a file
This spyware arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It disables Task Manager, Registry Editor, and Folder
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It disables Task Manager, Registry Editor, and Folder
This worm arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It disables Task Manager, Registry Editor, and Folder
the server SH <command> - Executes a command ISH <command> - SH, interactive, sends to channel SHD <command> - Executes a psuedo-daemonized command INSTALL <http
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It disables Task Manager, Registry Editor, and Folder
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It modifies files, disabling programs and applications
\shell HKEY_CURRENT_USER\a01\shell\ open HKEY_CURRENT_USER\a01\shell\ open\command HKEY_CURRENT_USER\a01\shell\ runas HKEY_CURRENT_USER\a01\shell\ runas\command HKEY_CURRENT_USER\SH HKEY_CURRENT_USER\SH
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It deletes itself after execution. Arrival Details This
This worm arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It disables Task Manager, Registry Editor, and Folder
\msil_mmcfxcommon.resources_31bf3856ad364e35_6.1.7601.17514_en-us_551cbf74c93dca64 %Windows%\winsxs\x86_microsoft-windows-wpd-status.resources_31bf3856ad364e35_6.1.7600.16385_en-us_084e683222e4e1b4 %AppDataLocal%\pip\cache\http\b\a\9 %System%\DriverStore\FileRepository
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It disables Task Manager, Registry Editor, and Folder
This Trojan Spy arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It connects to certain websites to send and receive
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Trojan arrives on a system as a