Search

This Trojan may be downloaded by other malware/grayware from remote sites.

Windows Heuristic Detection This is the Trend Micro heuristic detection for suspicious files that manifest similar behavior and characteristics as the following malware: ROVNIX ZBOT ZEMOT If your Trend Micro product detects a file under th...

Windows Heuristic Detection This is the Trend Micro heuristic detection for suspicious files that manifest similar behavior and characteristics as the following malware: DALEXIS ROVNIX ZBOT If your Trend Micro product detects a file ...

Windows NOTES: This is the Trend Micro detection for malware that uses a custom packer (or a “hacker” packer) to avoid detection. This detection may detect malware that belongs to the following malware family: VOBFUS ZBOT TROJ_CRYPTED T...

Windows Heuristic Detection This is the Trend Micro heuristic detection for suspicious files that manifest similar behavior and characteristics as the following malware: BUZUS CIDOX DOFOIL DROPPER FAKEAV INJECT/INJECTOR KULUOZ RANSOM ROVNIX...

Windows Heuristic Detection This is the Trend Micro heuristic detection for suspicious files that manifest similar behavior and characteristics as the following malware: CROWTI DROPPER INJECT/INJECTOR KRYPTIK RANSOM SPYEYES YAKES ZBOT If ...

Windows 2000, Windows Server 2003, Windows XP (32-bit, 64-bit), Windows Vista (32-bit, 64-bit), Windows 7 (32-bit, 64-bit) NOTES: This is the Trend Micro detection for malicious network packets that may manifest any of the fol...

ZLOADER is a banking trojan also known as Terdot and Zbot . This malware is based on leaked code of known ZeuS malware. It uses web injects to steal user credentials and other private information from the victim. It can also steal passwords and cooki...

This malware is involved in an April 2014 attack that leveraged a macro-enabled word document as a malicious spam attachment in order to infect machines with ZBOT malware. Users affected by this malware may find their online banking accounts compromi...

TEQUILA is bot malware which made headlines after targeting Mexico's financial institutions in 2010. The botnet particularly targeted the country's local Paypal site and the country's largest bank, Bancomer . This malware connects to a C&C server in ...

This malware was discovered on January 2014 as a file infector that not only infects all executable files on an affected system, but also drops a ZBOT variant. Users affected by this malware may find their personal information stolen and their online...

It is a malicious attachment related to a tax-themed spam campaign. The malware connects to malicious URLs to download an encrypted version of a ZBOT variant, which disables the antivirus products installed in the system. To get a one-glance comprehe...

This CryptoLocker is downloaded by a ZeuS/ZBOT variant detected as TSPY_ZBOT.VNA. When executed, it encrypts files and asks users to purchase a decrypting tool. To get a one-glance comprehensive view of the behavior of this Trojan, refer to the Threa...

This spyware may be downloaded by other malware/grayware from remote sites. It does not have any propagation routine. It steals certain information from the system and/or the user. It deletes itself after execution.

This malware is noteworthy due to the click fraud routines it exhibits as an entirely new strain of ZBOT. It is capable of opening browser windows and perform mouse actions without user intervention. Users with systems affected by this malware may ex...

This ZBOT variant is embedded in a .DOCM or macro-enabled document file, which arrives as spammed email attachment. To get a one-glance comprehensive view of the behavior of this Spyware, refer to the Threat Diagram shown below. This spyware arrives...

This ZBOT variant was used in a spam run which takes advantage of the UK Tax Return deadline. The said spam message purports to come from HM Revenue and Customs in the UK and informs users of a certain VAT return receipt. This Spyware may be downloa...

This ZBOT variant is related to a spam run in which its technique involves spammed messages containing .MSG attachment that contains a .ZIP file attached. To get a one-glance comprehensive view of the behavior of this Spyware, refer to the Threat Dia...

This ZEUS/ZBOT variant is found to be distributed via spam campaign in mid-2014. The spammed messages in the said campaign used a certain file storage service. To get a one-glance comprehensive view of the behavior of this Spyware, refer to the Threa...

This ZBOT variant drops a configuration file that contains a list of its targeted banks and other financial sites. It also steals information from different FTP sites and steals personal certificates from the infected system. It is also related to in...