Keyword: zbot
24 Total Search   |   Showing Results : 1 - 20
   Next  
TROJ_UPATRENC.SMJ5
This Trojan may be downloaded by other malware/grayware from remote sites.
BKDR_LIFTOH.AD
This malware is involved in a ZBOT spam campaign that targeted British users. Once the malicious attachment is opened, it inevitable leads to the download of ZBOT malware into the affected system. To get a one-glance comprehensive view of the behavio...
CRYP_ZEMOT
Windows Heuristic Detection This is the Trend Micro heuristic detection for suspicious files that manifest similar behavior and characteristics as the following malware: ROVNIX ZBOT ZEMOT If your Trend Micro product detects a file under th...
POSSIBLE_DALEXIS
Windows Heuristic Detection This is the Trend Micro heuristic detection for suspicious files that manifest similar behavior and characteristics as the following malware: DALEXIS ROVNIX ZBOT If your Trend Micro product detects a file ...
TROJ_HPMYAPP
Windows NOTES: This is the Trend Micro detection for malware that uses a custom packer (or a “hacker” packer) to avoid detection. This detection may detect malware that belongs to the following malware family: VOBFUS ZBOT TROJ_CRYPTED T...
CRYP_ISPI
Windows Heuristic Detection This is the Trend Micro heuristic detection for suspicious files that manifest similar behavior and characteristics as the following malware: BUZUS CIDOX DOFOIL DROPPER FAKEAV INJECT/INJECTOR KULUOZ RANSOM ROVNIX...
CRYP_ZBOT-1
Windows Heuristic Detection This is the Trend Micro heuristic detection for suspicious files that manifest similar behavior and characteristics as the following malware: CROWTI DROPPER INJECT/INJECTOR KRYPTIK RANSOM SPYEYES YAKES ZBOT If ...
OPS_HTTP_ZBOT_REQUEST-5
Windows 2000, Windows Server 2003, Windows XP (32-bit, 64-bit), Windows Vista (32-bit, 64-bit), Windows 7 (32-bit, 64-bit) NOTES: This is the Trend Micro detection for malicious network packets that may manifest any of the fol...
ZLOADER
ZLOADER is a banking trojan also known as Terdot and Zbot . This malware is based on leaked code of known ZeuS malware. It uses web injects to steal user credentials and other private information from the victim. It can also steal passwords and cooki...
W97M_SHELLHIDE.A
This malware is involved in an April 2014 attack that leveraged a macro-enabled word document as a malicious spam attachment in order to infect machines with ZBOT malware. Users affected by this malware may find their online banking accounts compromi...
TEQUILA
TEQUILA is bot malware which made headlines after targeting Mexico's financial institutions in 2010. The botnet particularly targeted the country's local Paypal site and the country's largest bank, Bancomer . This malware connects to a C&C server in ...
TSPY64_ZBOT.AANP
This malware is part of the 64-bit ZBOT samples that have been spotted to target 64-bit systems during January 2014. Users affected by this malware may find the security of their systems compromised and their critical personal information stolen (suc...
PE_PATNOTE.A
This malware was discovered on January 2014 as a file infector that not only infects all executable files on an affected system, but also drops a ZBOT variant. Users affected by this malware may find their personal information stolen and their online...
TROJ_UPATRE.YQU
It is a malicious attachment related to a tax-themed spam campaign. The malware connects to malicious URLs to download an encrypted version of a ZBOT variant, which disables the antivirus products installed in the system. To get a one-glance comprehe...
TROJ_CRILOCK.NS
This CryptoLocker is downloaded by a ZeuS/ZBOT variant detected as TSPY_ZBOT.VNA. When executed, it encrypts files and asks users to purchase a decrypting tool. To get a one-glance comprehensive view of the behavior of this Trojan, refer to the Threa...
TSPY_ZBOT.AAMV
This malware is part of the 64-bit ZBOT samples that have been spotted to target 64-bit systems during January 2014. Users affected by this malware may find the security of their systems compromised and their critical personal information stolen (suc...
TSPY_ZBOT.SMAA7
This spyware may be downloaded by other malware/grayware from remote sites. It does not have any propagation routine. It steals certain information from the system and/or the user. It deletes itself after execution.
TROJ_ZCLICK.A
This malware is noteworthy due to the click fraud routines it exhibits as an entirely new strain of ZBOT. It is capable of opening browser windows and perform mouse actions without user intervention. Users with systems affected by this malware may ex...
TSPY_ZBOT.DOCM
This ZBOT variant is embedded in a .DOCM or macro-enabled document file, which arrives as spammed email attachment. To get a one-glance comprehensive view of the behavior of this Spyware, refer to the Threat Diagram shown below. This spyware arrives...
TSPY_ZBOT.VZA
This ZBOT variant was used in a spam run which takes advantage of the UK Tax Return deadline. The said spam message purports to come from HM Revenue and Customs in the UK and informs users of a certain VAT return receipt. This Spyware may be downloa...