
2018

Date

Name

Info

29.12.18 Backdoor.Linux.MIRAI.AS This backdoor may spread to other devices by abusing a Remote Code Execution exploit in Huawei routers. This Backdoor arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites.
29.12.18 Backdoor.Linux.MIRAI.AR This backdoor may arrive in the affected system via ThinkPHP Remote Code Execution exploit. This Backdoor arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites.
29.12.18 Trojan.MSIL.BERBOMTHUM.AA This malware connects to a specific post from a specific Twitter account. The image in the post hosts code that connects to a command and control server used by this malware to receive commands.
29.12.18 Coinminer.Linux.MALXMR.UWEIS This malicious cryptocurrency miner is dropped by exploiting two vulnerabilities in Elasticsearch. This Coinminer arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites.
29.12.18 AndroidOS_FraudBot.OPS
29.12.18 TrojanSpy.Win32.TRICKBOT.AL This Worm arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It drops copies of itself into all the removable drives connected to an affected system.
29.12.18 Worm.Win32.BLADABINDI.AA This Trojan Spy arrives as an attachment to email messages spammed by other malware/grayware or malicious users. It arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites.
29.12.18 BKDR_BINLODR.ZNFJ-A This Backdoor arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites.
29.12.18 COINMINER.WIN32.MALXMR.TIAOODAM This Coinminer arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites.
29.12.18 TrojanSpy.Win32.TRICKBOT.AK This Trojan Spy arrives as an attachment to email messages spammed by other malware/grayware or malicious users. It arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites.

20.12.18

Exp.CVE-2018-8653

Exp.CVE-2018-8653 is a heuristic detection for files attempting to exploit the Microsoft Internet Explorer Scripting Engine Remote Memory Corruption Vulnerability (CVE-2018-8653).

20.12.18

MSH.Backdoor

MSH.Backdoor is a detection for PowerShell scripts that open a backdoor on the compromised computer. It may also download potentially malicious files.

20.12.18

Trojan.Stolepen

Trojan.Stolepen is a Trojan horse that performs malicious activities on the compromised computer.

14.12.18

Trojan.Filerase

Trojan.Filerase is a Trojan horse that deletes files and folders on the compromised computer.

14.12.18

Backdoor.Cobalt

Backdoor.Cobalt is a Trojan horse that opens a backdoor on the compromised computer.

13.12.18

Exp.CVE-18-8611

Exp.CVE-18-8611 is a heuristic detection for files attempting to exploit the Microsoft Windows Kernel Local Privilege Escalation Vulnerability (CVE-18-8611).

11.12.18

Android.BankBot.495.origin

A Banking Trojan for Android mobile devices. Its main goal is to steal confidential data. Android.BankBot.495.origin was first detected on Google Play and attacked Brazilian users. The Trojan was distributed under the guise of applications intended for spying on the owners of mobile devices.

9.12.18

Win32/Rootkit.Agent.OCL

Win32/Rootkit.Agent.OCL is a trojan designed to deliver various malware to the user's systems. The file is run-time compressed using Enigma.

7.12.18

Exp.CVE-18-15982

Exp.CVE-18-15982 is a heuristic detection for files attempting to exploit the Adobe Flash Player Use After Free Remote Code Execution Vulnerability (CVE-18-15982).

7.12.18

Ransom.Wixido

Ransom.Wixido is a Trojan horse that encrypts files on the compromised computer and demands a payment to decrypt them.

5.12.18

Linux.Chalubo

Linux.Chalubo is a Trojan that may use the compromised computer to conduct distributed denial-of-service (DDoS) attacks.

2.12.18

Backdoor.Powemuddy

Backdoor.Powemuddy is a Trojan horse that opens a backdoor on the compromised computer. It may also download potentially malicious files.

29.11.18

Trojan.Click3.27430

A Trojan clicker, distributed under the guise of the DynDNS app from the website dnsip.ru in the archive Dyn-DNS-Setup-18_11_16_07.zip.

29.11.18

AndroidOS_FraudBot.OPS

Certain applications on Google Play pose as legitimate voice messenger platforms, with suspicious automated functions such as automatic pop-ups of fake surveys and fraudulent ad clicks.

29.11.18

TrojanSpy.Win32.TRICKBOT.AL

This Trojan Spy arrives as an attachment to email messages spammed by other malware/grayware or malicious users.

29.11.18

Worm.Win32.BLADABINDI.AA

This Worm arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It drops copies of itself into all the removable drives connected to an affected system.

29.11.18

BKDR_BINLODR.ZNFJ-A

This Backdoor arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites.

29.11.18

COINMINER.WIN32.MALXMR.TIAOODAM

This Coinminer arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites.

29.11.18

TrojanSpy.Win32.TRICKBOT.AK

This Trojan Spy arrives as an attachment to email messages spammed by other malware/grayware or malicious users. It arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites.

29.11.18

TSPY_TRICKBOT.THOIBEAI

This Trojan Spy steals certain information from the system and/or the user. It connects to certain websites to send and receive information.

29.11.18

Backdoor.Win32.REMCOS.TICOGBZ

This Backdoor arrives as an attachment to email messages spammed by other malware/grayware or malicious users. It arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites.

29.11.18

TROJANSPY.WIN32.GOLROTED.THAOOEAH

This Trojan Spy arrives as an attachment to email messages spammed by other malware/grayware or malicious users. It arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites.

29.11.18

Backdoor.Linux.SETAG.RPA

This Backdoor arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It executes commands from a remote malicious user, effectively compromising the affected system.

26.11.18

Linux.BtcMine.174

A multicomponent malware program capable of infecting Linux devices and intended to be used for Monero (XMR) mining. It is implemented as a shell script containing over 1,000 lines of code.

26.11.18

Android.Banker.2876

A Trojan for Android mobile devices, spreading under the guise of banking applications. Attackers use Firebase Realtime Database and Firebase Cloud Messaging to manage Android.Banker.2876 and transfer data.

14.11.18

Ransom.Kraken

Ransom.Kraken is a Trojan horse that encrypts files on the compromised computer and demands a payment to decrypt them.

8.11.18

Trojan.Fastcash

Trojan.Fastcash is a Trojan horse that injects code into running processes on the compromised computer.

25.10.18

Trojan.Crobaruko

Trojan.Crobaruko is a Trojan horse that steals information from the compromised computer.

25.10.18

Win32/Agent.ZXC

Win32/Agent.ZXC is a trojan that can interfere with the operation of certain applications. The trojan blocks calls to certain numbers.

24.10.18

Hacktool.Posh

Hacktool.Posh is a tool that runs PowerShell scripts on the computer.

23.10.18

Win32/Braces.A

Win32/Braces.A serves as a backdoor. It can be controlled remotely.

19.10.18

Exp.CVE-18-8453

Exp.CVE-18-8453 is a heuristic detection for files attempting to exploit the Microsoft Windows Kernel 'Win32k.sys' Local Privilege Escalation Vulnerability (CVE-18-8453).

19.10.18

Infostealer.Azorult

Infostealer.Azorult is a Trojan horse that steals information from the compromised computer.

13.10.18

Trojan.Danabot.B

Trojan.Danabot.B is a Trojan horse that steals information from the compromised computer.

10.10.18

Trojan.Betabot.B

Trojan.Betabot.B is a Trojan horse that steals information from the compromised computer.

5.10.18

Heur.AdvML.JS.C

Heur.AdvML.JS.C is a heuristic detection designed to generically detect malicious files using advanced machine learning technology.

5.10.18

CL.Downloader

CL.Downloader is a threat that downloads potentially malicious files onto the compromised computer.

2.10.18

Trojan.Madominer

Trojan.Madominer is a worm that propagates by exploiting three vulnerabilities. It installs a coinminer. It may also download potentially malicious files.

2.10.18

Trojan.Lojax

Trojan.Lojax is a Trojan horse that may download potentially malicious files onto the compromised computer.

29.9.18

MSIL/Kryptik

MSIL/Kryptik is a generic detection of malicious obfuscated code within files with MSIL format.

29.9.18

MSIL/GenKryptik

MSIL/GenKryptik is a generic detection of malicious obfuscated code within files with MSIL format.

29.9.18

Trojan.Flawedammyy

Trojan.Flawedammyy is a Trojan horse that opens a backdoor and performs malicious actions on the compromised computer.

28.9.18

Coinminer.Unix.MALXMR.AA

This Coinminer arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites.

28.9.18

Trojan.JS.POWLOAD.AA

This Trojan arrives as an attachment to email messages spammed by other malware/grayware or malicious users. It arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites.

22.9.18

Backdoor.SofacyX

Backdoor.SofacyX is a Trojan horse that opens a backdoor on the compromised computer.

22.9.18

Trojan.Loaderinit

Trojan.Loaderinit is a Trojan horse that loads and decrypts additional malware in the compromised computer's memory.

21.9.2018 Infostealer.Jscoffe Infostealer.Jscoffe is a malicious script embedded on ecommerce websites to steal users' credit card information at checkout.
18.9.2018 RANSOM_PYLOCKY.A This Ransomware arrives as an attachment to email messages spammed by other malware/grayware or malicious users. It arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites.
14.9.2018 Downloader.Pocode Downloader.Pocode is a Trojan horse that downloads potentially malicious files onto the compromised computer.
14.9.2018 Trojan.Chainshot Trojan.Chainshot is a Trojan horse that steals information from the compromised computer. It may also download potentially malicious files.
8.9.2018 Trojan.Zexlex Trojan.Zexlex is a Trojan horse that opens a backdoor on the compromised computer.
6.9.2018 TSPY_BEBLOH.YMNPV This Trojan Spy arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites.
6.9.2018 TROJ_MALIQY.E This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites.
6.9.2018 TSPY_URSNIF.TIBAIDO This Trojan Spy arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It may be downloaded by other malware/grayware from remote sites.
6.9.2018 TSPY_URSNIF.AUSIQJ This Trojan Spy arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It connects to certain websites to send and receive information.
4.9.2018 Win32/Agent.ZPG The trojan serves as a backdoor. It can be controlled remotely.
4.9.2018 Win64/Agent.ZPG The trojan serves as a backdoor. It can be controlled remotely.
4.9.2018 Win64/Filecoder.R Win64/Filecoder.R is a trojan that encrypts files on fixed, removable and network drives. To decrypt files the user is requested to comply with given conditions in exchange for a password/instructions.
29.8.2018 Backdoor.Datper Backdoor.Datper is a Trojan horse that opens a backdoor on the compromised computer.
27.8.2018 Backdoor.Fallchill Backdoor.Fallchill is a Trojan horse that opens a backdoor on the compromised computer.
17.8.2018 Win32/Filecoder.Ouroboros.A Win32/Filecoder.Ouroboros.A is a trojan that encrypts files on fixed, removable and network drives. To decrypt files, the user is asked to send information/certain amount of money via the Bitcoin payment service.
17.8.2018 Win32/TrojanDownloader.Agent.EAT Win32/TrojanDownloader.Agent.EAT is a trojan which tries to download other malware from the Internet.
17.8.2018 MSIL/Agent.RY MSIL/Agent.RY is a worm that spreads via removable media.
17.8.2018 RANSOM_PRINCESSLOCKER.B This Ransomware arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites.
17.8.2018 Exp.CVE-2018-8373 Exp.CVE-2018-8373 is a heuristic detection for files attempting to exploit the Microsoft Internet Explorer Remote Memory Corruption Vulnerability (CVE-2018-8373).
15.8.2018 Exp.CVE-2018-8414 Exp.CVE-2018-8414 is a heuristic detection for files attempting to exploit the Microsoft Windows Shell Remote Code Execution Vulnerability (CVE-2018-8414).
15.8.2018 Exp.CVE-2018-12799 Exp.CVE-2018-12799 is a heuristic detection for files attempting to exploit the Adobe Acrobat and Reader APSB18-29 Multiple Arbitrary Code Execution Vulnerabilities (CVE-2018-12799).
15.8.2018 Exp.CVE-2018-12824 Exp.CVE-2018-12824 is a heuristic detection for files attempting to exploit the Adobe Flash Player APSB18-25 Multiple Information Disclosure Vulnerabilities (CVE-2018-12824).
15.8.2018 Exp.CVE-2018-12827 Exp.CVE-2018-12827 is a heuristic detection for files attempting to exploit the Adobe Flash Player APSB18-25 Multiple Information Disclosure Vulnerabilities (CVE-2018-12827).
15.8.2018 Exp.CVE-2018-12826 Exp.CVE-2018-12826 is a heuristic detection for files attempting to exploit the Adobe Flash Player APSB18-25 Multiple Information Disclosure Vulnerabilities (CVE-2018-12826).

13.8.2018

JS.Cesaletat JS.Cesaletat is a detection for a JavaScript used to download potentially malicious files onto the compromised computer.

10.8.2018

TROJ_MALOAD.QFKG This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It arrives as a component bundled with malware/grayware packages.

10.8.2018

TROJ_DLOADR.AUSUMQ This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites.
10.8.2018 TROJ_DLOADR.AUSUMP This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites.
10.8.2018 ELF_MIRAI.LBOUG This Worm may be downloaded by other malware/grayware from remote sites. It executes then deletes itself afterward.
10.8.2018 UNIX_MIRAI.DLDS This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It executes then deletes itself afterward.
10.8.2018 BKDR_FLAWEDMMYY.B This Backdoor arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It may be downloaded by other malware/grayware from remote sites.

10.8.2018

BKDR_FLAWEDAMMYY.DLOADR This Backdoor arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It executes the downloaded files.
10.8.2018 TROJ_KILLMBR.EE This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites.
10.8.2018 ELF_VPNFILT.D This Trojan may be downloaded by other malware/grayware from remote sites.
10.8.2018 ELF_VPNFILT.C This Trojan may be downloaded by other malware/grayware from remote sites. It arrives as a component bundled with malware/grayware packages.
10.8.2018 ELF_VPNFILT.B This Backdoor arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It may be downloaded by other malware/grayware from remote sites.

10.8.2018

ELF_VPNFILT.A This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. As of this writing, the said sites are inaccessible.
10.8.2018 PE_XIAOBAMINER.SM This coinminer has file infecting capabilities. This File infector arrives via removable drives.
10.8.2018 COINMINER_COINHIVE.E-JS This Coinminer arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It may be hosted on a website and run when a user accesses the said website.
10.8.2018 TROJ_PYEB.A This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It arrives as a component bundled with malware/grayware packages.
10.8.2018 RANSOM_LOCKY.TIAOKAI This ransomware is downloaded from Greenflash-Sundown exploit kit's use of CVE-2018-4878. This Ransomware arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites.

10.8.2018

BKDR_NUKESPED.A This Backdoor arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It listens on ports.
10.8.2018 TROJ_OLYMPICDESTROYER.A This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It does not have any backdoor routine.
10.8.2018 BKDR_PROTUX.SMZKEB-G This Backdoor arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It executes then deletes itself afterward.
10.8.2018 ANDROIDOS_CHMINER.A Rapid spreading Miner botnet. This Coinminer arrives as a component bundled with malware/grayware packages. It uses the system's central processing unit (CPU) and/or graphical processing unit (GPU) resources to mine cryptocurrency.
10.8.2018 OSX64_CVE20175753.POC This proof of concept attempts to exploit a vulnerability known as Spectre. If successful, it allows exploitation of said vulnerability in Mac OS systems.

9.8.2018

Trojan.Nibatad Trojan.Nibatad is a Trojan horse that decrypts, loads, and launches potentially malicious files on the compromised computer.

9.8.2018

MSH.Dropper MSH.Dropper is a detection for PowerShell scripts that drop and execute malware.

4.8.2018

Win32/Spy.Buhtrap.L Win32/Spy.Buhtrap.L is a trojan that steals passwords and other sensitive information.

30.7.2018

OSX.Calisto

OSX.Calisto is a Trojan horse that opens a backdoor on the compromised computer.

28.7.2018

Hacktool.Phantom

Hacktool.Phantom is a tool that allows an attacker to generate polymorphic payloads to evade detection on multiple operating systems.

28.7.2018

Trojan.Redgamble

Trojan.Redgamble is a Trojan horse that steals information from the compromised computer.

28.7.2018

Exp.CVE-2018-5008 Exp.CVE-2018-5008 is a heuristic detection for files attempting to exploit the Adobe Flash Player APSB18-24 Arbitrary Code Execution and Information Disclosure Vulnerabilities (CVE-2018-5008).

28.7.2018

Exp.CVE-2018-5028 Exp.CVE-2018-5028 is a heuristic detection for files attempting to exploit the Adobe Acrobat and Reader APSB18-21 Multiple Heap Buffer Overflow Vulnerabilities (CVE-2018-5028).

28.7.2018

Exp.CVE-2018-5040 Exp.CVE-2018-5040 is a heuristic detection for files attempting to exploit the Adobe Acrobat and Reader APSB18-21 Multiple Heap Buffer Overflow Vulnerabilities (CVE-2018-5040).

28.7.2018

Exp.CVE-2018-5061 Exp.CVE-2018-5061 is a heuristic detection for files attempting to exploit the Adobe Acrobat and Reader APSB18-21 Multiple Information Disclosure Vulnerabilities (CVE-2018-5061).

28.7.2018

Exp.CVE-2018-12789 Exp.CVE-2018-12789 is a heuristic detection for files attempting to exploit the Adobe Acrobat and Reader APSB18-21 Multiple Information Disclosure Vulnerabilities (CVE-2018-12789).

28.7.2018

Exp.CVE-2018-8324 Exp.CVE-2018-8324 is a heuristic detection for files attempting to exploit the Microsoft Edge Information Disclosure Vulnerability (CVE-2018-8324).

24.7.2018

Trojan.Zombieboy Trojan.Zombieboy is a Trojan horse that may perform malicious activities on the compromised computer.

24.7.2018

BKDR_FLAWEDMMYY.B

This Backdoor arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites.

24.7.2018

BKDR_FLAWEDAMMYY.DLOADR

This Backdoor arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites.

24.7.2018

TROJ_KILLMBR.EE

This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites.

20.7.2018

Downloader.Zacinlo

Downloader.Zacinlo is a Trojan horse that downloads potentially malicious files onto the compromised computer.

12.7.2018

Trojan.Peralta

Trojan.Peralta is a Trojan horse that targets automated teller machines (ATMs). It opens a back door on the compromised computer.

12.7.2018

Win32/Emotet.BK

Win32/Emotet.BK serves as a backdoor. It can be controlled remotely.

12.7.2018

Exp.CVE-2018-8125

Exp.CVE-2018-8125 is a heuristic detection for files attempting to exploit the Microsoft Chakra Scripting Engine CVE-2018-8125 Remote Memory Corruption Vulnerability (CVE-2018-8125).

12.7.2018

Exp.CVE-2018-8242

Exp.CVE-2018-8242 is a heuristic detection for files attempting to exploit the Microsoft Internet Explorer Scripting Engine CVE-2018-8242 Remote Memory Corruption Vulnerability (CVE-2018-8242).

12.7.2018

Exp.CVE-2018-8262

Exp.CVE-2018-8262 is a heuristic detection for files attempting to exploit the Microsoft Edge CVE-2018-8262 Remote Memory Corruption Vulnerability (CVE-2018-8262).

12.7.2018

Exp.CVE-2018-8274

Exp.CVE-2018-8274 is a heuristic detection for files attempting to exploit the Microsoft Edge CVE-2018-8274 Remote Memory Corruption Vulnerability (CVE-2018-8274).  

12.7.2018

Exp.CVE-2018-8297

Exp.CVE-2018-8297 is a heuristic detection for files attempting to exploit the Microsoft Edge Information Disclosure Vulnerability (CVE-2018-8297).

12.7.2018

Exp.CVE-2018-8296

Exp.CVE-2018-8296 is a heuristic detection for files attempting to exploit the Microsoft Internet Explorer Scripting Engine Remote Memory Corruption Vulnerability (CVE-2018-8296).

12.7.2018

Exp.CVE-2018-8291

Exp.CVE-2018-8291 is a heuristic detection for files attempting to exploit the Microsoft Internet Explorer and Edge Remote Memory Corruption Vulnerability (CVE-2018-8291).

12.7.2018

Exp.CVE-2018-8289

Exp.CVE-2018-8289 is a heuristic detection for files attempting to exploit the Microsoft Edge Information Disclosure Vulnerability (CVE-2018-8289).

12.7.2018

Exp.CVE-2018-8288

Exp.CVE-2018-8288 is a heuristic detection for files attempting to exploit the Microsoft Internet Explorer and Edge Remote Memory Corruption Vulnerability (CVE-2018-8288).

12.7.2018

Exp.CVE-2018-8275

Exp.CVE-2018-8275 is a heuristic detection for files attempting to exploit the Microsoft Edge Scripting Engine Remote Memory Corruption Vulnerability (CVE-2018-8279).  

12.7.2018

Exp.CVE-2018-8279

Exp.CVE-2018-8279 is a heuristic detection for files attempting to exploit the Microsoft Edge Scripting Engine Remote Memory Corruption Vulnerability (CVE-2018-8279).

12.7.2018

Exp.CVE-2018-8283

Exp.CVE-2018-8283 is a heuristic detection for files attempting to exploit the Microsoft ChakraCore Scripting Engine Remote Memory Corruption Vulnerability (CVE-2018-8283).

11.7.2018

Win32/Emotet.BK

Win32/Emotet.BK serves as a backdoor. It can be controlled remotely.

11.7.2018

Hacktool.Zacinlo

Hacktool.Zacinlo is a tool that can be used to perform malicious activities on the compromised computer.

11.7.2018

Backdoor.Ophop

Backdoor.Plaintee is a Trojan horse that opens a backdoor on the compromised computer.

11.7.2018

Backdoor.Plaintee

Backdoor.Ophop is a Trojan horse that opens a backdoor on the compromised computer.

5.7.2018

Backdoor.Plaintee

Backdoor.Plaintee is a Trojan horse that opens a backdoor on the compromised computer.

28.6.2018

Win32/Formbook.AA

The trojan serves as a backdoor. It can be controlled remotely.

28.6.2018

Win32/Formbook

The trojan serves as a backdoor. It can be controlled remotely.

26.6.2018

Trojan.Quasar.B

Trojan.Quasar.B is a Trojan horse that opens a back door and may perform malicious activities on the compromised computer.

26.6.2018

Trojan.Backswap

Trojan.Backswap is a Trojan horse that may perform malicious activities on the compromised computer.

26.6.2018

Backdoor.Veilev

Backdoor.Veilev is a Trojan horse that opens a backdoor on the compromised computer.

22.6.2018 OSX.Evilosx OSX.Evilosx is a Trojan horse that opens a backdoor on the compromised computer.

22.6.2018

Backdoor.Sagerunex Backdoor.Sagerunex is a Trojan horse that opens a backdoor and downloads potentially malicious files onto the compromised computer.

20.6.2018

Trojan.Invisimole Trojan.Invisimole is a Trojan horse that opens a backdoor on the compromised computer.

19.6.2018

Exp.CVE-2018-5002 Exp.CVE-2018-5002 is a heuristic detection for files attempting to exploit the Adobe Flash Player CVE-2018-5002 Stack Buffer Overflow Vulnerability (CVE-2018-5002).

13.6.2018

Trojan.Danabot Trojan.Danabot is a Trojan horse that may perform malicious activities on the compromised computer.

13.6.2018

COINMINER_COINHIVE.E-JS

This Coinminer arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites.

13.6.2018

TROJ_KILLMBR.EE

This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites.

13.6.2018

Trojan.Ursnif

Trojan.Ursnif is a Trojan horse that steals information from the compromised computer.

13.6.2018

Exp.CVE-2018-8267

Exp.CVE-2018-8267 is a heuristic detection for files attempting to exploit the Microsoft Internet Explorer Scripting Engine Remote Memory Corruption Vulnerability (CVE-2018-8267).

13.6.2018

Exp.CVE-2018-8249

Exp.CVE-2018-8249 is a heuristic detection for files attempting to exploit the Microsoft Internet Explorer Remote Memory Corruption Vulnerability (CVE-2018-8249).

13.6.2018

Exp.CVE-2018-8248

Exp.CVE-2018-8248 is a heuristic detection for files attempting to exploit the Microsoft Excel Remote Code Execution Vulnerability (CVE-2018-8248).

13.6.2018

Exp.CVE-2018-8236

Exp.CVE-2018-8236 is a heuristic detection for files attempting to exploit the Microsoft Edge Remote Memory Corruption Vulnerability (CVE-2018-8236).

13.6.2018

Exp.CVE-2018-8229

Exp.CVE-2018-8229 is a heuristic detection for files attempting to exploit the Microsoft Chakra Scripting Engine Remote Memory Corruption Vulnerability (CVE-2018-8229).

13.6.2018

Exp.CVE-2018-8210

Exp.CVE-2018-8210 is a heuristic detection for files attempting to exploit the Microsoft Windows Arbitrary Code Execution Vulnerability (CVE-2018-8210).

13.6.2018

Exp.CVE-2018-8111

Exp.CVE-2018-8111 is a heuristic detection for files attempting to exploit the Microsoft Edge Remote Memory Corruption Vulnerability (CVE-2018-8111).

13.6.2018

Exp.CVE-2018-8110

Exp.CVE-2018-8110 is a heuristic detection for files attempting to exploit the Microsoft Edge Remote Memory Corruption Vulnerability (CVE-2018-8110).

13.6.2018

TROJ_KILLMBR.EE

This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites.

13.6.2018

Exp.CVE-2018-5000

Exp.CVE-2018-5000 is a heuristic detection for files attempting to exploit the Adobe Flash Player APSB18-19 Multiple Security Vulnerabilities (CVE-2018-5000).

13.6.2018

Exp.CVE-2018-5001

Exp.CVE-2018-5001 is a heuristic detection for files attempting to exploit the Adobe Flash Player APSB18-19 Multiple Security Vulnerabilities (CVE-2018-5001).

11.6.2018

Exp.CVE-2018-4995

Exp.CVE-2018-4995 is a heuristic detection for files attempting to exploit the Adobe Acrobat and Adobe Reader Privilege Escalation Vulnerability (CVE-2018-4995).

6.6.2018

VBS/TrojanDownloader.Agent.OBQ

VBS/TrojanDownloader.Agent.OBQ is a trojan which tries to download other malware from the Internet.

6.6.2018

Win32/TrojanDownloader.Agent.DWX

Win32/TrojanDownloader.Agent.DWX is a trojan which tries to download other malware from the Internet. The trojan can interfere with the operation of certain applications.

6.6.2018

Win32/Filecoder.Rapid.A

Win32/Filecoder.Rapid.A is a trojan that encrypts files on local drives. To restore files to their original state the user is requested to send an e-mail to a specified address in exchange for a password/instructions.

6.6.2018

Win32/Corebot.F

Win32/Corebot.F serves as a backdoor. It can be controlled remotely. The trojan collects various sensitive information.

31.5.2018

Exp.CVE-2018-4995

Exp.CVE-2018-4995 is a heuristic detection for files attempting to exploit the Adobe Acrobat and Adobe Reader Privilege Escalation Vulnerability (CVE-2018-4995).

31.5.2018

Trojan.Wipeboot

Trojan.Wipeboot is a Trojan horse that wipes the first sector of each disk, including the Master Boot Record (MBR), on the compromised computer.

30.5.2018

Win32/Agent.TDK

Win32/Agent.TDK serves as a backdoor. It can be controlled remotely.

27.5.2018

Exp.CVE-2018-4990

Exp.CVE-2018-4990 is a heuristic detection for files attempting to exploit the Adobe Acrobat and Reader Arbitrary Code Execution Vulnerability (CVE-2018-4990).

24.5.2018

Win32/Agent.YEV

Win32/Agent.YEV serves as a backdoor. It can be controlled remotely.

24.5.2018

Win32/Filecoder.SynAck.A

Win32/Filecoder.SynAck.A is a trojan that encrypts files on fixed, removable and network drives. To decrypt files the user is requested to comply with given conditions in exchange for a password/instructions.

24.5.2018

Win32/Agent.ZNG

Win32/Agent.ZNG is a trojan that can interfere with the operation of certain applications.

12.5.2018

Exp.CVE-2018-8137

Exp.CVE-2018-8137 is a heuristic detection for files attempting to exploit the Microsoft Edge Remote Memory Corruption Vulnerability (CVE-2018-8137).

12.5.2018

Exp.CVE-2018-4944

Exp.CVE-2018-4944 is a heuristic detection for files attempting to exploit the Adobe Flash Player Type Confusion Remote Code Execution Vulnerability (CVE-2018-4944).

11.5.2018

Win64/NukeSped.AQ

Win64/NukeSped.AQ is a trojan designed to deliver various malware to the user's systems.

11.5.2018

Win32/SdbMine.B

Win32/SdbMine.B is a trojan designed to deliver various malware to the user's systems.

10.5.2018

Exp.CVE-2018-0953

Exp.CVE-2018-0953 is a heuristic detection for files attempting to exploit the Microsoft Edge Scripting Engine Remote Memory Corruption Vulnerability (CVE-2018-0953).

10.5.2018

Exp.CVE-2018-8114

Exp.CVE-2018-8114 is a heuristic detection for files attempting to exploit the Microsoft Internet Explorer Scripting Engine Remote Memory Corruption Vulnerability (CVE-2018-8114).

10.5.2018

Exp.CVE-2018-8122

Exp.CVE-2018-8122 is a heuristic detection for files attempting to exploit the Microsoft Internet Explorer Scripting Engine Remote Memory Corruption Vulnerability (CVE-2018-8122).

10.5.2018

Exp.CVE-2018-8133

Exp.CVE-2018-8133 is a heuristic detection for files attempting to exploit the Microsoft ChakraCore Scripting Engine Remote Memory Corruption Vulnerability (CVE-2018-8133).

10.5.2018

Exp.CVE-2018-8123

Exp.CVE-2018-8123 is a heuristic detection for files attempting to exploit the Microsoft Edge Remote Memory Corruption Vulnerability (CVE-2018-8123).

10.5.2018

Exp.CVE-2018-8147

Exp.CVE-2018-8147 is a heuristic detection for files attempting to exploit the Microsoft Excel Remote Code Execution Vulnerability (CVE-2018-8147).

10.5.2018

Exp.CVE-2018-8148

Exp.CVE-2018-8148 is a heuristic detection for files attempting to exploit the Microsoft Excel Remote Code Execution Vulnerability (CVE-2018-8148).

10.5.2018

Exp.CVE-2018-0946

Exp.CVE-2018-0946 is a heuristic detection for files attempting to exploit the Microsoft Edge Scripting Engine Remote Memory Corruption Vulnerability (CVE-2018-0946).

10.5.2018

Exp.CVE-2018-0951

Exp.CVE-2018-0951 is a heuristic detection for files attempting to exploit the Microsoft Edge Scripting Engine Remote Memory Corruption Vulnerability (CVE-2018-0951).

10.5.2018

Exp.CVE-2018-8174

Exp.CVE-2018-8174 is a heuristic detection for files attempting to exploit the Microsoft Internet Explorer VBScript Engine Arbitrary Code Execution Vulnerability (CVE-2018-8174).

10.5.2018

Exp.CVE-2018-8157

Exp.CVE-2018-8157 is a heuristic detection for files attempting to exploit the Microsoft Office CVE-2018-8157 Remote Code Execution Vulnerability (CVE-2018-8157).

10.5.2018

Exp.CVE-2018-8158

Exp.CVE-2018-8158 is a heuristic detection for files attempting to exploit the Microsoft Office Remote Code Execution Vulnerability (CVE-2018-8158).

10.5.2018

Exp.CVE-2018-8179

Exp.CVE-2018-8179 is a heuristic detection for files attempting to exploit the Microsoft Edge Remote Memory Corruption Vulnerability (CVE-2018-8179).

10.5.2018

Exp.CVE-2018-0955

Exp.CVE-2018-0955 is a heuristic detection for files attempting to exploit the Microsoft Internet Explorer Scripting Engine Remote Memory Corruption Vulnerability (CVE-2018-0955).

9.5.2018

JS.Facexworm

JS.Facexworm is a worm that spreads via Facebook Messenger and downloads potentially malicious files onto the compromised computer.

4.5.2018

Win32/SdbMine.C

Win32/SdbMine.C is a trojan designed to deliver various malware to the user's systems.

4.5.2018

Win32/SdbMine.A

Win32/SdbMine.A is a trojan that uses the hardware resources of the infected computer for mining the Monero digital currency.

3.5.2018

Win32/Delf.BFP

Win32/Delf.BFP serves as a backdoor. It can be controlled remotely.

3.5.2018

Win32/Qadars.AZ

Win32/Qadars.AZ is a trojan which tries to download other malware from the Internet.

20.4.2018

Trojan.Stresspaint

Trojan.Stresspaint is a Trojan horse that steals information from the compromised computer.

19.4.2018

Win32/Agent.OBS

Win32/Agent.OBS is a worm which tries to download other malware from the Internet. The worm usually contains other malware files within the main malware body. The worm tries to create files on the available remote computers.

19.4.2018

Win32/Korplug.HM

The trojan serves as a backdoor. It can be controlled remotely. The file is run-time compressed using RAR SFX.

19.4.2018

Win32/Filecoder.Crysis.P

Win32/Filecoder.Crysis.P is a trojan that encrypts files on fixed, removable and network drives. To decrypt files the user is requested to comply with given conditions in exchange for a password/instructions.

18.4.2018

Trojan.IcedID

Trojan.IcedID is a Trojan horse that steals information from the compromised computer.

17.4.2018

Win32/Agent.ZIL

The trojan serves as a proxy server. The trojan is usually a part of other malware.

17.4.2018

Win32/Liech.G

Win32/Liech.G is a trojan which uses the computer's modem to dial premium rate numbers.

17.4.2018

Trojan.Cryptoshuf

Trojan.Cryptoshuf is a Trojan horse that uses the compromised computer for cryptocurrency mining.

15.4.2018

PE_XIAOBAMINER.SM

This File infector arrives via removable drives.

12.4.2018

W32.Downuk

W32.Downuk is a worm that replaces Bitcoin addresses found in the clipboard. It spreads via removable drives.

12.4.2018

Exp.CVE-2018-4932

Exp.CVE-2018-4932 is a heuristic detection for files attempting to exploit the Adobe Flash Player APSB18-08 Multiple Security Vulnerabilities (CVE-2018-4932).

12.4.2018

Exp.CVE-2018-4933

Exp.CVE-2018-4933 is a heuristic detection for files attempting to exploit the Adobe Flash Player APSB18-08 Multiple Security Vulnerabilities (CVE-2018-4933).

12.4.2018

Exp.CVE-2018-4934

Exp.CVE-2018-4934 is a heuristic detection for files attempting to exploit the Adobe Flash Player APSB18-08 Multiple Security Vulnerabilities (CVE-2018-4934).

12.4.2018

Exp.CVE-2018-4935

Exp.CVE-2018-4935 is a heuristic detection for files attempting to exploit the Adobe Flash Player APSB18-08 Multiple Security Vulnerabilities (CVE-2018-4935).

12.4.2018

Exp.CVE-2018-4937

Exp.CVE-2018-4937 is a heuristic detection for files attempting to exploit the Adobe Flash Player APSB18-08 Multiple Security Vulnerabilities (CVE-2018-4937).

12.4.2018

Exp.CVE-2018-4936

Exp.CVE-2018-4936 is a heuristic detection for files attempting to exploit the Adobe Flash Player APSB18-08 Multiple Security Vulnerabilities (CVE-2018-4936).

12.4.2018

Exp.CVE-2018-1003

Exp.CVE-2018-1003 is a heuristic detection for files attempting to exploit the Microsoft Jet Database Engine Buffer Overflow Vulnerability (CVE-2018-1003).

12.4.2018

Exp.CVE-2018-1001

Exp.CVE-2018-1001 is a heuristic detection for files attempting to exploit the Microsoft Internet Explorer Scripting Engine Remote Memory Corruption Vulnerability (CVE-2018-1001).

12.4.2018

Exp.CVE-2018-1004

Exp.CVE-2018-1004 is a heuristic detection for files attempting to exploit the Microsoft Windows VBScript Engine Remote Code Execution Vulnerability (CVE-2018-1004).

12.4.2018

Exp.CVE-2018-1010

Exp.CVE-2018-1010 is a heuristic detection for files attempting to exploit the Microsoft Windows Remote Code Execution Vulnerability (CVE-2018-1010).

12.4.2018

Exp.CVE-2018-1011

Exp.CVE-2018-1011 is a heuristic detection for files attempting to exploit the Microsoft Excel Remote Code Execution Vulnerability (CVE-2018-1011).

12.4.2018

Exp.CVE-2018-1012

Exp.CVE-2018-1012 is a heuristic detection for files attempting to exploit the Microsoft Windows Remote Code Execution Vulnerability (CVE-2018-1012).

12.4.2018

Exp.CVE-2018-1013

Exp.CVE-2018-1013 is a heuristic detection for files attempting to exploit the Microsoft Windows Remote Code Execution Vulnerability (CVE-2018-1013).

12.4.2018

Exp.CVE-2018-1015

Exp.CVE-2018-1015 is a heuristic detection for files attempting to exploit the Microsoft Windows Remote Code Execution Vulnerability (CVE-2018-1015).

12.4.2018

Exp.CVE-2018-1016

Exp.CVE-2018-1016 is a heuristic detection for files attempting to exploit the Microsoft Windows Remote Code Execution Vulnerability (CVE-2018-1016).

12.4.2018

Exp.CVE-2018-1023

Exp.CVE-2018-1023 is a heuristic detection for files attempting to exploit the Microsoft Edge Remote Memory Corruption Vulnerability (CVE-2018-1023).

12.4.2018

Exp.CVE-2018-1026

Exp.CVE-2018-1026 is a heuristic detection for files attempting to exploit the Microsoft Excel Remote Code Execution Vulnerability (CVE-2018-1026).

12.4.2018

Exp.CVE-2018-1027

Exp.CVE-2018-1027 is a heuristic detection for files attempting to exploit the Microsoft Excel Remote Code Execution Vulnerability (CVE-2018-1027).

12.4.2018

Exp.CVE-2018-1028

Exp.CVE-2018-1028 is a heuristic detection for files attempting to exploit the Microsoft Office Remote Code Execution Vulnerability (CVE-2018-1028).

12.4.2018

Exp.CVE-2018-1029

Exp.CVE-2018-1029 is a heuristic detection for files attempting to exploit the Microsoft Excel Remote Code Execution Vulnerability (CVE-2018-1029).

12.4.2018

Exp.CVE-2018-1030

Exp.CVE-2018-1030 is a heuristic detection for files attempting to exploit the Microsoft Office Remote Code Execution Vulnerability (CVE-2018-1030).

12.4.2018

W32.Rarogminer

W32.Rarogminer is a worm that uses the compromised computer for cryptocurrency mining, downloads potentially malicious files, and performs DDoS attacks. It spreads by copying itself to removable drives.

12.4.2018

Exp.CVE-2018-0920

Exp.CVE-2018-0920 is a heuristic detection for files attempting to exploit the Microsoft Excel Remote Code Execution Vulnerability (CVE-2018-0920).

12.4.2018

Exp.CVE-2018-0980

Exp.CVE-2018-0980 is a heuristic detection for files attempting to exploit the Microsoft ChakraCore Scripting Engine Remote Memory Corruption Vulnerability (CVE-2018-0980).

12.4.2018

Exp.CVE-2018-0988

Exp.CVE-2018-0988 is a heuristic detection for files attempting to exploit the Microsoft Internet Explorer Remote Memory Corruption Vulnerability (CVE-2018-0988).

12.4.2018

Exp.CVE-2018-0990

Exp.CVE-2018-0990 is a heuristic detection for files attempting to exploit the Microsoft ChakraCore Scripting Engine Remote Memory Corruption Vulnerability (CVE-2018-0990).

12.4.2018

Exp.CVE-2018-0994

Exp.CVE-2018-0994 is a heuristic detection for files attempting to exploit the Microsoft ChakraCore Scripting Engine Remote Memory Corruption Vulnerability (CVE-2018-0994).

12.4.2018

Exp.CVE-2018-0993

Exp.CVE-2018-0993 is a heuristic detection for files attempting to exploit the Microsoft ChakraCore Scripting Engine Remote Memory Corruption Vulnerability (CVE-2018-0993).

12.4.2018

Exp.CVE-2018-0995

Exp.CVE-2018-0995 is a heuristic detection for files attempting to exploit the Microsoft ChakraCore Scripting Engine Remote Memory Corruption Vulnerability (CVE-2018-0995).

12.4.2018

Exp.CVE-2018-0996

Exp.CVE-2018-0996 is a heuristic detection for files attempting to exploit the Microsoft Internet Explorer Scripting Engine Remote Memory Corruption Vulnerability (CVE-2018-0996).

12.4.2018

Exp.CVE-2018-0998

Exp.CVE-2018-0998 is a heuristic detection for files attempting to exploit the Microsoft Edge Information Disclosure Vulnerability (CVE-2018-0998).

10.4.2018

Trojan.Coinminer.B

Trojan.Coinminer.B is a Trojan horse that uses the compromised computer for cryptocurrency mining.

10.4.2018

W32.Mysracoin

W32.Mysracoin is a worm that opens a backdoor on compromised computers and spreads using the EternalBlue exploit.

7.4.2018

OSX_OCEANLOTUS.D

We identified a MacOS backdoor (detected by Trend Micro as OSX_OCEANLOTUS.D) that we believe is the latest version of a threat used by OceanLotus (a.k.a. APT 32, APT-C-00, SeaLotus, and Cobalt Kitty).

6.4.2018

Win32/Agent.SWZ

Win32/Agent.SWZ is a trojan that steals sensitive information. The trojan attempts to send gathered information to a remote machine.

6.4.2018

W97M.Eplose

W97M.Eplose is a Trojan horse that drops malicious files onto the compromised computer.

4.4.2018

Trojan.Coinreg

Trojan.Coinreg is a Trojan horse that uses the compromised computer for cryptocurrency mining.

4.4.2018

Ransom.Precist

Ransom.Precist is a Trojan horse that encrypts files on the compromised computer and demands a payment to decrypt them.

4.4.2018

Linux.Hajime

Linux.Hajime is a worm that opens a backdoor and may download additional files onto the compromised computer.

4.4.2018

Trojan.Cadbex

Trojan.Cadbex is a Trojan horse that uses the compromised computer to mine cryptocurrency.

3.4.2018

Downloader.Malurl

Downloader.Malurl is a Trojan horse that downloads potentially malicious files.

3.4.2018

Backdoor.Leenania

Backdoor.Leenania is a Trojan horse that opens a backdoor on the compromised computer. It may also download potentially malicious files and steal information.

29.3.2018

Heur.AdvML.M

Heur.AdvML.M is a heuristic detection designed to generically detect malicious files using advanced machine learning technology. A file detected by this detection name is deemed by Symantec to pose a risk to users and is therefore blocked from accessing the computer.

29.3.2018

Win32/Shyape.T

Win32/Shyape.T is a trojan which tries to download other malware from the Internet.

29.3.2018

Win64/Emotet.AB

Win64/Emotet.AB is a trojan that steals sensitive information. The trojan attempts to send gathered information to a remote machine.

29.3.2018

Ransom.Zenis

Ransom.Zenis is a Trojan horse that encrypts files on the compromised computer and demands a payment to decrypt them.

28.3.2018

MSH.Gosopad

MSH.Gosopad is a PowerShell script that steals information from the compromised computer. It may also download potentially malicious files and install a Monero miner.

27.3.2018

Trojan.Ipafanli

Trojan.Ipafanli is a Trojan horse that may perform malicious activities on the compromised computer.

23.3.2018

Win64/CoinMiner

Win64/CoinMiner is a trojan that uses the hardware resources of the infected computer for mining digital currency.

23.3.2018

JS/CoinMiner

JS/CoinMiner is a trojan that uses the hardware resources of the infected computer for mining digital currency.

23.3.2018

Trojan.Fakeinstall

JS/CoinMiner is a trojan that uses the hardware resources of the infected computer for mining digital currency. The program code of the malware is usually embedded in HTML pages.

19.3.2018

Backdoor.Teawhy

Backdoor.Teawhy is a Trojan horse that opens a backdoor on the compromised computer. It may also download potentially malicious files and steal information. 

16.3.2018

W32.Xiaobaminer

W32.Xiaobaminer is a worm that spreads via removable drives. 

16.3.2018

Backdoor.Ohlotus

Backdoor.Ohlotus is a Trojan horse that opens a backdoor on the compromised computer. 

16.3.2018

Downloader.Miner

Downloader.Miner is a Trojan horse that may perform malicious activities on the compromised computer.

14.3.2018

Ransom.DataKeeper

Ransom.DataKeeper is a Trojan horse that encrypts files on the compromised computer and demands a payment to decrypt them.

14.3.2018

Ransom.Rapid

Ransom.DataKeeper is a Trojan horse that encrypts files on the compromised computer and demands a payment to decrypt them.

10.3.2018

ANDROIDOS_CHMINER.A

This Coinminer arrives as a component bundled with malware/grayware packages.

10.3.2018

TROJ64_CVE20175754.POC

This Exploit arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites.

10.3.2018

TROJ64_CVE20175753.POE

This Exploit arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites.

10.3.2018

TROJ_CVE20175753.POH

This Exploit arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites.

10.3.2018

TROJ_CVE20175753.POG

This Exploit arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites.

10.3.2018

TROJ64_CVE20175753.POD

This Exploit arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites.

10.3.2018

TROJ_CVE20175753.POI

This Exploit arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites.

10.3.2018

TROJ_CVE20175753.POF

This Exploit arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites.

10.3.2018

TROJ_CVE20175753.POE

This Exploit arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites.

10.3.2018

ELF64_CVE20175753.POC

This Exploit arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites.

10.3.2018

ELF64_CVE20175753.POD

This Exploit arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites.

10.3.2018

OSX64_CVE20175753.POC

This Exploit arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites.

10.3.2018

TROJ_CVE20175753.POD

This Exploit arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites.

10.3.2018

Win32/XeyoRat.C

Win32/XeyoRat.C is a trojan which tries to download other malware from the Internet. The trojan collects various sensitive information. The trojan attempts to send gathered information to a remote machine.

8.3.2018

Trojan.Oldishell

Trojan.Oldishell is a Trojan horse that opens a backdoor and may perform malicious activities on the compromised computer.

8.3.2018

VBS.Tendnob

VBS.Tendnob is a Trojan horse that opens a backdoor on the compromised computer and installs a coinminer. It may also steal information and download potentially malicious files.

8.3.2018

Trojan.Udpos

Trojan.Udpos is a Trojan horse that steals information from the compromised computer.

8.3.2018

Downloader.Powload

Downloader.Powload is a Trojan horse that downloads potentially malicious files onto the compromised computer.

8.3.2018

Backdoor.Mogefla

Backdoor.Mogefla is a Trojan horse that opens a backdoor on the compromised computer.

8.3.2018

Trojan.Shminer

Trojan.Shminer is a Trojan horse that downloads and runs an open-source Monero cryptocurrency miner and uses the compromised computer to mine Monero for the attacker.

8.3.2018

Trojan.Minjen

Trojan.Minjen is a Trojan horse that opens a backdoor on the compromised computer. It may also steal information and download potentially malicious files, including a Monero miner.

8.3.2018

Win32/XeyoRat.A

Win32/XeyoRat.A is a trojan which tries to download other malware from the Internet.

8.3.2018

Win32/XeyoRat.B

Win32/XeyoRat.B serves as a backdoor. It can be controlled remotely.

1.3.2018

Win32/Talkhib.A

Win32/Talkhib.A is a trojan which tries to download other malware from the Internet. It uses techniques common for rootkits.

21.2.2018

Win32/Tomyjery.A

The trojan serves as a backdoor. It can be controlled remotely.

21.2.2018

Win32/TrojanDownloader.Agent.DVC

Win32/TrojanDownloader.Agent.DVC is a trojan which tries to download other malware from the Internet. It can be controlled remotely. The file is run-time compressed using Obsidium.

15.2.2018

Exp.CVE-2018-0841

Exp.CVE-2018-0841 is a heuristic detection for files attempting to exploit the Microsoft Excel Remote Code Execution Vulnerability (CVE-2018-0841).

15.2.2018

Exp.CVE-2018-0742

Exp.CVE-2018-0742 is a heuristic detection for files attempting to exploit the Microsoft Windows Kernel Local Privilege Escalation Vulnerability (CVE-2018-0742).

15.2.2018

Exp.CVE-2018-0756

Exp.CVE-2018-0756 is a heuristic detection for files attempting to exploit the Microsoft Windows Kernel Local Privilege Escalation Vulnerability (CVE-2018-0756).

15.2.2018

Exp.CVE-2018-0842

Exp.CVE-2018-0842 is a heuristic detection for files attempting to exploit the Microsoft Windows Local Privilege Escalation Vulnerability (CVE-2018-0842).

15.2.2018

Exp.CVE-2018-0834

Exp.CVE-2018-0834 is a heuristic detection for files attempting to exploit the Microsoft Edge Scripting Engine Remote Memory Corruption Vulnerability (CVE-2018-0834).

15.2.2018

Exp.CVE-2018-0835

Exp.CVE-2018-0835 is a heuristic detection for files attempting to exploit the Microsoft Edge Scripting Engine Remote Memory Corruption Vulnerability (CVE-2018-0835).

15.2.2018

Exp.CVE-2018-0837

Exp.CVE-2018-0837 is a heuristic detection for files attempting to exploit the Microsoft Edge Scripting Engine Remote Memory Corruption Vulnerability (CVE-2018-0837).

15.2.2018

Exp.CVE-2018-0838

Exp.CVE-2018-0838 is a heuristic detection for files attempting to exploit the Microsoft Edge Scripting Engine Remote Memory Corruption Vulnerability (CVE-2018-0838).

15.2.2018

Exp.CVE-2018-0840

Exp.CVE-2018-0840 is a heuristic detection for files attempting to exploit the Microsoft Internet Explorer and Edge Remote Memory Corruption Vulnerability (CVE-2018-0840).

15.2.2018

Exp.CVE-2018-0858

Exp.CVE-2018-0858 is a heuristic detection for files attempting to exploit the Microsoft ChakraCore Scripting Engine Remote Memory Corruption Vulnerability (CVE-2018-0858).

15.2.2018

Exp.CVE-2018-0860

Exp.CVE-2018-0860 is a heuristic detection for files attempting to exploit the Microsoft Edge Scripting Engine Remote Memory Corruption Vulnerability (CVE-2018-0860).

13.2.2018

Trojan.Olydestroy

Trojan.Olydestroy is a Trojan horse that collects information from the compromised computer and browsers in order to spread across the network.

13.2.2018

OSX.Coinminer

OSX.Coinminer is a Trojan horse that uses the compromised computer to mine cryptocurrency.

13.2.2018

W97M.Jelous

W97M.Jelous is a Trojan horse that downloads malicious files onto the compromised computer.

13.2.2018

Downloader.Jelous

Downloader.Jelous is a Trojan horse that downloads malicious files onto the compromised computer.

13.2.2018

Win64/Vools.B

Win64/Vools.B is a trojan that steals sensitive information. The trojan attempts to send gathered information to a remote machine. It is able to spread via network exploiting vulnerabilities of the operating system.

13.2.2018

Python/Filecoder.BA

Python/Filecoder.BA is a trojan that encrypts files on local drives. To decrypt files the user is requested to comply with given conditions in exchange for a password/instructions.

13.2.2018

Win32/Agent.WBI

The trojan serves as a backdoor. It can be controlled remotely. The trojan is usually a part of other malware.

13.2.2018

Win32/ZinoCrypt.A

Win32/ZinoCrypt.A is a trojan that encrypts files on fixed, removable and network drives. To decrypt files the user is requested to comply with given conditions in exchange for a password/instructions.

13.2.2018

Win32/Filecoder.Sigma.A

Win32/Filecoder.Sigma.A is a trojan that encrypts files on local drives. To decrypt files the user is requested to comply with given conditions in exchange for a password/instructions.

13.2.2018

Win32/Filecoder.GandCrab.A

Win32/Filecoder.GandCrab.A is a trojan that encrypts files on fixed, removable and network drives. To decrypt files the user is requested to comply with given conditions in exchange for a password/instructions.

13.2.2018

Win64/Gadoopt.AA

Win64/Gadoopt.AA serves as a backdoor. It can be controlled remotely.

9.2.2018

MSIL.Vermrat

MSIL.Vermrat is a Trojan horse that opens a backdoor, steals information, and may download potentially malicious files onto the compromised computer.

9.2.2018

Exp.CVE-2018-4877

Exp.CVE-2018-4877 is a heuristic detection for files attempting to exploit the Adobe Flash Player CVE-2018-4877 Use After Free Remote Code Execution Vulnerability (CVE-2018-4877).

9.2.2018

Linux.Duckbot

Linux.Duckbot is a Trojan horse that downloads potentially malicious files onto the compromised computer.

9.2.2018

Trojan.Dragonrat

Trojan.Dragonrat is a Trojan horse that downloads potentially malicious files onto the compromised computer.

9.2.2018

Exp.CVE-2018-4878

Exp.CVE-2018-4878 is a heuristic detection for files attempting to exploit the Adobe Flash Player Use After Free Remote Code Execution Vulnerability (CVE-2018-4878).

9.2.2018

MSH.Bluwimps

MSH.Bluwimps is a PowerShell script that steals information from the compromised computer. It may also download potentially malicious files.

9.2.2018

Trojan.ChaoPZ

Trojan.ChaoPZ is a Trojan horse that collects information from the compromised computer. It may also download potentially malicious files.

1.2.2018

Win32/Agent.SMB

The trojan serves as a backdoor. It can be controlled remotely.

1.2.2018

Win64/Gadoopt.AA

Win64/Gadoopt.AA serves as a backdoor. It can be controlled remotely.

1.2.2018

Backdoor.Kuyama

Backdoor.Kuyama is a Trojan horse that opens a backdoor on the compromised computer.

1.2.2018

Ransom.GandCrab

Ransom.GandCrab is a Trojan horse that encrypts files on the compromised computer and demands a payment to decrypt them.

1.2.2018

Linux.Masuta.B

Linux.Masuta.B is a worm that uses IoT devices to carry out DDoS attacks and spreads using exploits and common and default credentials.

1.2.2018

Linux.Masuta

Linux.Masuta is a worm that uses IoT devices to carry out DDoS attacks and spreads using common and default credentials.

1.2.2018

Trojan.Trensil.B

Trojan.Trensil.B is a Trojan horse that collects information from the compromised computer. It may also download potentially malicious files.

1.2.2018

Trojan.Evrial

Trojan.Evrial is a Trojan horse that steals information from the compromised computer.

24.1.2018

TROJ_DIGMINEIN.A

This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites.

24.1.2018

TROJ_CVE20175753.POD

This Exploit arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites.

24.1.2018

OSX64_CVE20175753.POC

This Exploit arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites.

24.1.2018

ELF64_CVE20175753.POD

This Exploit arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites.

24.1.2018

ELF64_CVE20175753.POC

This Exploit arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites.

24.1.2018

TROJ_CVE20175753.POE

This Exploit arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites.

24.1.2018

TROJ_CVE20175753.POF

This Exploit arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites.

24.1.2018

TROJ_CVE20175753.POI

This Exploit arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites.

24.1.2018

TROJ64_CVE20175753.POD

This Exploit arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites.

24.1.2018

TROJ_CVE20175753.POG

This Exploit arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites.

24.1.2018

TROJ_CVE20175753.POH

This Exploit arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites.

24.1.2018

TROJ64_CVE20175753.POE

This Exploit arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites.

24.1.2018

TROJ64_CVE20175754.POC

This Exploit arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites.

24.1.2018

TROJ_CVE20175753.DAM

This Exploit arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites.

24.1.2018

Win32/Aibolit.AA

The trojan serves as a backdoor. It can be controlled remotely.

24.1.2018

W97M.Remkos

W97M.Remkos is a Trojan horse that may download potentially malicious files onto the compromised computer.

24.1.2018

Downloader.Remkos

Downloader.Remkos is a Trojan horse that may download potentially malicious files onto the compromised computer.

24.1.2018

Backdoor.Remkos

Backdoor.Remkos is a Trojan horse that opens a backdoor on the compromised computer. It may also download potentially malicious files.

24.1.2018

Trojan.Sneark

Trojan.Sneark is a Trojan horse that may steal sensitive information from the compromised computer.

23.1.2018

Backdoor.Neggpy

Backdoor.Neggpy is a Trojan horse that opens a backdoor and downloads potentially malicious files onto the compromised computer.

23.1.2018

Backdoor.Calderat

Backdoor.Spoofrand is a Trojan horse that opens a backdoor and downloads potentially malicious files onto the compromised computer.

23.1.2018

Win32/Agent.XRR

The trojan serves as a backdoor. It can be controlled remotely.

23.1.2018

Win32/Spy.Agent.OUD

Win32/Spy.Agent.OUD is a trojan that steals sensitive information. The trojan is usually a part of other malware.

23.1.2018

Win32/Filecoder.BTCWare.A

Win32/Filecoder.BTCWare.A is a trojan that encrypts files on fixed, removable and network drives. To decrypt files the user is requested to comply with given conditions in exchange for a password/instructions.

23.1.2018

Win32/TrojanDownloader.Chindo.D

Win32/TrojanDownloader.Chindo.D is a trojan which tries to download other malware from the Internet.

23.1.2018

Win32/Spy.Agent.PIR

Win32/Spy.Agent.PIR is a trojan that steals sensitive information. The trojan is usually a part of other malware.

19.1.2018

Win32/Farfli.BGG

Win32/Farfli.BGG serves as a backdoor. It can be controlled remotely.

19.1.2018

Trojan.KillDiskmens

Trojan.KillDiskmens is a Trojan horse that attempts to wipe disks and delete files and folders on the compromised computer.

18.1.2018

Trojan.PowStage

Trojan.PowStage is a Trojan horse that opens a backdoor on the compromised computer.

18.1.2018

Exp.CVE-2017-5754

Exp.CVE-2017-5754 is a heuristic detection for files attempting to exploit the Multiple CPU Hardwares Information Disclosure Vulnerability (CVE-2017-5754).

18.1.2018

Backdoor.Spoofrand

Backdoor.Spoofrand is a Trojan horse that opens a backdoor and downloads potentially malicious files onto the compromised computer.

18.1.2018

Win32/Spy.Agent.OTL

The trojan serves as a backdoor. It can be controlled remotely.

18.1.2018

Win32/Agent.ZEA

Win32/Agent.ZEA is a trojan which tries to download other malware from the Internet.

17.1.2018

TROJ_DIGMINEIN.A

This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites.

17.1.2018

Exp.CVE-2018-0775

Exp.CVE-2018-0775 is a heuristic detection for files attempting to exploit the Microsoft Edge Scripting Engine Remote Memory Corruption Vulnerability (CVE-2018-0775).

17.1.2018

Exp.CVE-2018-0776

Exp.CVE-2018-0776 is a heuristic detection for files attempting to exploit the Microsoft Edge Scripting Engine Remote Memory Corruption Vulnerability (CVE-2018-0776).

17.1.2018

Exp.CVE-2018-0777

Exp.CVE-2018-0777 is a heuristic detection for files attempting to exploit the Microsoft Edge Scripting Engine Remote Memory Corruption Vulnerability (CVE-2018-0777).

17.1.2018

Exp.CVE-2018-4871

Exp.CVE-2018-4871 is a heuristic detection for files attempting to exploit the Adobe Flash Player Out-Of-Bounds Read Information Disclosure Vulnerability (CVE-2018-4871).

17.1.2018

Exp.CVE-2018-0762

Exp.CVE-2018-0762 is a heuristic detection for files attempting to exploit the Microsoft Internet Explorer and Edge Remote Memory Corruption Vulnerability (CVE-2018-0762).

17.1.2018

Exp.CVE-2018-0758

Exp.CVE-2018-0758 is a heuristic detection for files attempting to exploit the Microsoft Edge Scripting Engine Remote Memory Corruption Vulnerability (CVE-2018-0758).

17.1.2018

Exp.CVE-2018-0769

Exp.CVE-2018-0769 is a heuristic detection for files attempting to exploit the Microsoft Edge Scripting Engine Remote Memory Corruption Vulnerability (CVE-2018-0769).

17.1.2018

Exp.CVE-2018-0773

Exp.CVE-2018-0773 is a heuristic detection for files attempting to exploit the Microsoft Edge Scripting Engine Remote Memory Corruption Vulnerability (CVE-2018-0773).

17.1.2018

Exp.CVE-2018-0774

Exp.CVE-2018-0774 is a heuristic detection for files attempting to exploit the Microsoft Edge Scripting Engine Remote Memory Corruption Vulnerability (CVE-2018-0774).

12.1.2018

TROJ_DIGMINEIN.A

This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites.

12.1.2018

Exp.CVE-2017-5754

Exp.CVE-2017-5754 is a heuristic detection for files attempting to exploit the Multiple CPU Hardwares Information Disclosure Vulnerability (CVE-2017-5754).

12.1.2018

ANDROIDOS_STEALERC32

ANDROIDOS_STEALERC32 disguises itself as fake updates to chat applications like Facebook, WhatsApp, Messenger, LINE, and LoveChat.

10.1.2018

Backdoor.Spoofrand

Backdoor.Spoofrand is a Trojan horse that opens a backdoor and downloads potentially malicious files onto the compromised computer.

10.1.2018

Exp.CVE-2018-0797

Exp.CVE-2018-0797 is a heuristic detection for files attempting to exploit the Microsoft Word Memory Corruption Vulnerability (CVE-2018-0797).

10.1.2018

Win32/Small.NNX

Win32/Small.NNX is a trojan which tries to execute other malicious files. The trojan is usually a part of other malware.

10.1.2018

Win32/Filecoder.Crypt888.B

Win32/Filecoder.Crypt888.B is a trojan that encrypts files on local drives. To restore files to their original state the user is requested to send an e-mail to a specified address in exchange for a password/instructions.

10.1.2018

Win32/Sayunojok.A

The trojan serves as a backdoor. It can be controlled remotely. The file is run-time compressed using UPX.

10.1.2018

Win32/Lecna.AP

Win32/Lecna.AP is a trojan which tries to download other malware from the Internet.

10.1.2018

Win64/Heriplor.A

Win64/Heriplor.A is a trojan which tries to download other malware from the Internet. The file is run-time compressed using RAR SFX.

10.1.2018

Win32/Hikit.K

The trojan serves as a backdoor. It can be controlled remotely.

8.1.2018

Python.Zealot

Python.Zealot is a Trojan horse that downloads malicious code onto the compromised computer.

7.1.2018

Win32/Juasek.C

The trojan serves as a backdoor. It can be controlled remotely.

7.1.2018

Win32/Juasek.D

The trojan serves as a backdoor. It can be controlled remotely.

6.1.2018

Trojan.Truebot

Trojan.Truebot is a Trojan horse that downloads malicious files onto the compromised computer.

6.1.2018

Backdoor.Truebot

Backdoor.Truebot is a Trojan horse that opens a backdoor on the compromised computer.

6.1.2018

Exp.CVE-2017-5753

Exp.CVE-2017-5753 is a heuristic detection for files attempting to exploit the Multiple CPU Hardwares Information Disclosure Vulnerability (CVE-2017-5753).