The Java class file "gamesload" includes a JAR archive and is part of a piece of malware. The following components of the Trojan are also stored in the archive:
Game.class - 672...
This Trojan downloads another program to the computer and launches it for execution without the user's knowledge. It is a Windows application (PE EXE file) and is 56 320 bytes in size. It is packed...
This Trojan downloads files from the Internet and launches them without the user's knowledge. It is a Windows application (PE EXE file) and is 53 760 bytes in size. It is written in...
Once launched, the backdoor uses the function "GetSystemDefaultLCID" to obtain the ID for the group of national settings that the operating system uses by default. If the value obtained corresponds...
This Trojan stops the computer from functioning normally in order to obtain a ransom for restoring the system to its initial condition. It is a Windows application (PE EXE file) and is 40 448 bytes in...
This Trojan stops the computer from functioning in order to obtain a ransom for restoring it. It is a Windows application (PE EXE file) and is 355 328 bytes in size. It is packed using UPX. The...
This Trojan downloads other malicious programs from the Internet and launches them for execution without the user's knowledge. It is a Windows dynamic library (PE EXE file). It is 53 248 bytes in...
This Trojan delivers a malicious payload to the user's computer. It is a Windows application (PE EXE file). It is 352 256 bytes in size. It is written in Visual Basic.
Installation
When launching,...
This Trojan delivers a malicious payload to the user's computer. It is a Windows application (PE EXE file). It is 142 848 bytes in size. It is written in Delphi.
When the infected page is opened, Java class code starts to run, which leads to the following actions:
The following file is created and launched:
Ñ:\Windows\pay.reg
This causes a change in...
This Trojan provides a malicious user with remote access to the infected computer. It is a Windows application (PE EXE file). It is 365 568 bytes in size. It is written in Delphi.
Installation
Once...
Once launched, the Trojan decrypts its body and then downloads files from the following URL addresses:
http://195.***.144.79/psyim_dfgjkeqw.exe
http://195.***.144.79/setup.exe
http:...
This exploit program uses vulnerabilities in Adobe Reader and Acrobat to execute itself on the user's computer. It is a PDF document containing XML Forms Architecture and Java Script. It is 26,393...
This Trojan downloads other malicious programs from the Internet and launches them for execution without the user's knowledge. It is a Windows application (PE EXE file). It is 21 504 bytes in size....
This Trojan downloads other malicious programs from the Internet and launches them for execution without the user's knowledge. It is a Windows application (PE EXE file). It is 21 504 bytes in size....
The Trojan creates a file named "Deleteme.bat" in its working directory and launches it for execution:
%WorkDir%\Deleteme.bat
The launched file deletes the Trojan's original body and deletes...
This Trojan delivers a malicious payload to the user's computer. It is a Windows application (PE EXE file). It is 18 944 bytes in size. It is written in C++.
Once launched, the Trojan decrypts and extracts the following file from its body to the current user's temporary directory:
%Temp%<rnd1>.tmp
where <rnd1> is a random set of numbers and...
This Trojan delivers a malicious payload to the user's computer. It is a Windows application (PE EXE file). It is 16 384 bytes in size. It is written in C++.
Òðîÿíñêàÿ ïðîãðàììà, ïîðàæàþùàÿ...
|