Malware - 2019
Date |
Name | Info |
19.12.19 |
Ransom.Chy | Ransom.Chy is a Trojan horse that encrypts files on the compromised computer and demands a payment to decrypt them. |
18.12.19 |
Trojan.Ascentor | Trojan.Ascentor is a Trojan horse that may download additional files onto the compromised computer. |
13.12.19 |
POL.B.PSTCscriptPdfRd | POL.B.PSTCscriptPdfRd indicates the blocking of an attempt of a PDF reader application (e.g. Adobe Reader) to run Microsoft Cscript. This is an advanced attack pattern used by attackers to try to execute malicious scripts that have been successfully delivered to target machines. |
13.12.19 |
POL.B.PSTWscriptOffic | POL.B.PSTWscriptOffic indicates the blocking of an attempt of an Office application (e.g. Word, Excel, PowerPoint) to run Microsoft Wscript. This is an advanced attack pattern used by attackers to try to execute malicious scripts that have been successfully delivered to target machines. |
13.12.19 |
POL.B.PSTMshtaPdfRd | POL.B.PSTMshtaPdfRd indicates the blocking of an attempt of a PDF reader application (e.g. Adobe Reader) to run Mshta. This is an advanced attack pattern used by attackers to try to execute malicious HTA files, JavaScript, or VBScript to compromise target systems. |
13.12.19 |
POL.B.PSTWscriptPdfRd | POL.B.PSTWscriptPdfRd indicates the blocking of an attempt of a PDF reader application (e.g. Adobe Reader) to run Microsoft Wscript. This is an advanced attack pattern used by attackers to try to execute malicious scripts that have been successfully delivered to target machines. |
13.12.19 |
POL.B.PSTBitsadmin | POL.B.PSTBitsadmin indicates the blocking of an unusual attempt to run the Microsoft BITSAdmin tool. This is an advanced attack pattern used by an attacker to try to remotely copy malicious code or executables to the target system. |
13.12.19 |
POL.B.PSTMshtaOffice | POL.B.PSTMshtaOffice indicates the blocking of an attempt of a Microsoft Office application (e.g. Word, Excel, PowerPoint) to run Mshta. This is an advanced attack pattern used by attackers to try to execute malicious HTA files, JavaScript, or VBScript to compromise target systems. |
13.12.19 |
POL.B.PSTPowershPdfRd | POL.B.PSTPowershPdfRd indicates the blocking of an attempt of a PDF reader application (e.g. Adobe Reader) to run Microsoft PowerShell. This is an advanced attack pattern used by attackers to try to use embedded scripts in PDFs to execute malicious PowerShell commands to compr |
12.12.19 | POL.B.PECMsbuild | POL.B.PECMsbuild indicates the blocking of an unusual attempt of Microsoft Build Engine (MSBuild) to create a portable executable file on the local disk. This is an advanced attack pattern used by attackers to evade traditional intrusion detection systems. |
12.12.19 |
POL.B.PECPsexesvc | POL.B.PECPsexesvc indicates the blocking of an unusual attempt by the Windows utility Psexesvc to create a portable executable file on the local disk. This is an advanced attack pattern used by attackers to evade traditional intrusion detection systems. |
12.12.19 |
POL.B.RLPPsexesvc | POL.B.RLPPsexesvc indicates the blocking of an unusual attempt by the Windows utility Psexesvc to modify Windows registry loadpoints. This is an advanced attack pattern used by attackers to evade traditional intrusion detection systems and alter Windows startup behavior so that malicious payloads get executed when Windows starts. |
12.12.19 |
POL.B.PSTPowshOffice | POL.B.PSTPowshOffice indicates the blocking of an attempt by a Microsoft Office application (e.g. Word, Excel, PowerPoint) to run Microsoft PowerShell. This is an advanced attack pattern used by attackers to try to execute malicious PowerShell commands or scripts to compromise target systems. |
11.12.19 |
Trojan.Zerocleare | Trojan.Zerocleare is a disk-wiping virus. When executed, it will try to overwrite the Master Boot Record (MBR) and disk partitions on Windows-based machines. |
11.12.19 |
Infostealer.Coonrac | Infostealer.Coonrac is a Trojan horse that steals information from the compromised computer. It may also download potentially malicious files. |
26.11.19 |
Ransom.Maze | Ransom.Maze is a Trojan horse that encrypts files on the compromised computer and demands a payment to decrypt them. |
14.11.19 |
POL.B.PSTCertutilHttp | POL.B.PSTCertutilHttp indicates the blocking of an attempt by the Windows utility Certutil to download a file. This is an advanced attack technique used by attackers to evade traditional intrusion detection systems by moving away from simply downloading malicious payloads over normal network traffic. |
14.11.19 |
POL.B.NPCCertutil | POL.B.NPCCertutil indicates the blocking of an attempt by the Windows utility Certutil to create a portable executable file on the local disk. This is an advanced attack technique used by attackers to evade traditional intrusion detection systems. |
14.11.19 |
POL.B.PECCertutil | POL.B.PECCertutil indicates the blocking of an attempt by the Windows utility Certutil to create a portable executable file on the local disk. This is an advanced attack technique used by attackers to evade traditional intrusion detection systems. |
14.11.19 |
Exp.CVE-2019-1429 | Exp.CVE-2019-1429 is a heuristic detection for files attempting to exploit the Microsoft Internet Explorer Scripting Engine Remote Memory Corruption Vulnerability (CVE-2019-1429). |
5.11.19 |
Backdoor.Wellmess | Backdoor.Wellmess is a Trojan horse that opens a backdoor on the compromised computer. |
5.11.19 |
Backdoor.Lookback | Backdoor.Lookback is a Trojan horse that opens a backdoor on the compromised computer. |
30.10.19 |
Ransom.Buran | Ransom.Buran is a Trojan horse that encrypts files on the compromised computer and demands a payment to decrypt them. |
10.10.19 |
Hacktool.Rotpotato | Hacktool.Rotpotato is a tool used to escalate privileges on a compromised computer. |
10.10.19 |
Hacktool.Avet | Hacktool.Avet is a tool that encrypts a custom payload in such a way that it may evade antivirus detection. |
8.10.19 |
PHP.Comminer | PHP.Comminer is a worm that spreads through network shares and removable drives. It also opens a backdoor on the compromised computer, steals information, and uses the compromised computer for cryptocurrency mining. |
2.10.19 |
Infostealer.Browexp | Infostealer.Browexp is a Trojan horse that steals information from the compromised computer. |
2.10.19 |
Trojan.Spoofane | Trojan.Spoofane is a Trojan horse that may perform malicious activities on the compromised computer. |
26.9.19 |
Exp.CVE-2018-8120 | Exp.CVE-2018-8120 is a heuristic detection for files attempting to exploit the Microsoft Windows Kernel 'Win32k.sys' Local Privilege Escalation Vulnerability (CVE-2018-8120). |
25.9.19 |
Exp.CVE-2019-1367 | Exp.CVE-2019-1367 is a heuristic detection for files attempting to exploit the Microsoft Internet Explorer Scripting Engine Remote Memory Corruption Vulnerability (CVE-2019-1367). |
20.9.19 |
Backdoor.Hyperbro | Backdoor.Hyperbro is a Trojan horse that opens a backdoor on the compromised computer. |
19.9.19 |
Trojan.Golpiks | Trojan.Golpiks is a Trojan horse that steals information from the compromised computer. |
18.9.19 |
Exp.CVE-2019-1215 | Exp.CVE-2019-1215 is a heuristic detection for files attempting to exploit the Windows Elevation of Privilege Vulnerability (CVE-2019-1215). |
13.9.19 |
Ransom.Lilocked | Ransom.Lilocked is a Trojan horse that encrypts files on the compromised computer and demands a payment to decrypt them. |
5.9.19 |
Ransom.Hybirdmy | Ransom.Hybirdmy is a Trojan horse that encrypts files on the compromised computer and demands a payment to decrypt them. |
3.9.19 | Ransom.Nemty | Ransom.Nemty is a Trojan horse that encrypts files on the compromised computer and demands a payment to decrypt them. |
3.9.19 | PHP/WebShell.NEA | The trojan serves as a backdoor. It can be controlled remotely. |
30.8.19 |
JS.Windivert | JS.Windivert is a Trojan horse that may perform malicious activities on the compromised computer. |
30.8.19 |
Backdoor.Gocon | Backdoor.Gocon is a Trojan horse that opens a backdoor on the compromised computer. It may also steal information and download potentially malicious files. |
22.8.19 |
Backdoor.Priwidd | Backdoor.Priwidd is a Trojan horse that opens a backdoor on the compromised computer. It may then perform malicious activities. |
22.8.19 |
Backdoor.Pymet | Backdoor.Pymet is a Trojan horse that opens a backdoor on the compromised computer. It may also download potentially malicious files and steal information. |
21.8.19 |
VBS/Agent.NUG | VBS/Agent.NUG serves as a backdoor. It can be controlled remotely. The trojan can use the hardware resources of the infected computer for mining the Bitcoin digital currency. |
7.8.19 |
PHP/Agent.NGD | The trojan serves as a backdoor. It can be controlled remotely. |
22.7.19 |
Ransom.Bitpaymer | Ransom.Bitpaymer is a Trojan horse that encrypts files on the compromised computer and demands a payment to decrypt them. |
18.7.19 |
Win32/Crossza.A | Win32/Crossza.A is a trojan which tries to download other malware from the Internet. |
18.7.19 |
Trojan.Tepok | Trojan.Tepok is a Trojan horse that may perform malicious activities on the compromised computer. |
17.7.19 |
Trojan.Burtopinam | Trojan.Burtopinam is a Trojan horse that may perform malicious activities on the compromised computer. |
15.7.19 |
Backdoor.Hannotog is a Trojan horse that opens a backdoor on the compromised computer. |
|
15.7.19 |
Win32/TrojanDownloader.Small.PET is a trojan which tries to download other malware from the Internet. |
|
15.7.19 |
Win32/Exploit.CVE-2018-0802.A is a trojan designed to deliver various malware to the user's systems. |
|
15.7.19 |
Win64/GoBot2 serves as a backdoor. It can be controlled remotely. |
|
12.7.19 |
Trojan.Fenkrib is a Trojan horse that downloads potentially malicious files. |
|
10.7.19 |
Infostealer.Astaroth is a Trojan horse that steals information from the compromised computer. |
|
3.7.19 |
OSX.Netwire is a Trojan horse that opens a backdoor on the compromised computer. |
|
25.6.19 |
Trojan.Amadey is a Trojan horse that steals information from the compromised computer. |
|
25.6.19 |
Trojan.Malmsi is a heuristic detection for Windows Installer (.msi) files that contain malicious scripts. |
|
25.6.19 |
Backdoor.Powerton is a Trojan horse that opens a backdoor, steals information, and downloads potentially malicious files onto the compromised computer. |
|
25.6.19 |
Exp.CVE-2019-0888 is a heuristic detection for files attempting to exploit the Microsoft ActiveX Data Objects Remote Code Execution Vulnerability (CVE-2019-0888). |
|
6.6.19 |
OSX.Keysteal is a heuristic detection used to detect malware that can steal credentials from Apple's Keychain via a vulnerability in macOS 10.14.3 and below. |
|
28.5.19 |
Exp.CVE-2019-0752 is a heuristic detection for files attempting to exploit the Microsoft Internet Explorer Remote Memory Corruption Vulnerability (CVE-2019-0752). |
|
27.5.19 |
Backdoor.Whisperer is a Trojan horse that opens a backdoor on the compromised computer. |
|
27.5.19 |
Backdoor.Tavroigu is a Trojan horse that opens a backdoor on the compromised computer. |
|
16.5.19 |
Ransom.Robbinhood is a Trojan horse that encrypts files on the compromised computer and demands a payment to decrypt them. |
|
16.5.19 |
W32.Bulehero is a worm that uses the compromised computer's resources to mine cryptocurrency. |
|
14.5.19 |
Ransom.Ryuk is a Trojan horse that encrypts files on the compromised computer and demands a payment to decrypt them. |
|
8.5.19 |
Ransom.MegaCortex is a Trojan horse that encrypts files on the compromised computer and demands a payment to decrypt them. |
|
18.4.19 |
Infostealer.Scranos is a Trojan horse that steals information from the compromised computer. It may also download potentially malicious files. |
|
10.4.19 |
VBS.Rosekernel is a worm that spreads via removable drives and network shares. It opens a backdoor on the compromised computer and downloads potentially malicious files. |
|
10.4.19 |
Backdoor.Darkteq is a Trojan horse that opens a backdoor on the compromised computer. |
|
10.4.19 |
Exp.CVE-2019-0803 is a heuristic detection for files attempting to exploit the Microsoft Windows Kernel 'Win32k.sys' Local Privilege Escalation Vulnerability (CVE-2019-0803). |
|
10.4.19 |
Exp.CVE-2019-0859 is a heuristic detection for files attempting to exploit the Microsoft Windows Win32k Local Privilege Escalation Vulnerability (CVE-2019-0859). |
|
9.4.19 |
Infostealer.Glitchpos is a Trojan horse that steals information from the compromised computer. |
|
5.4.19 |
Backdoor.Vexdoor is a Trojan horse that opens a backdoor on the compromised computer. |
|
5.4.19 |
An Android Trojan that runs on devices running Android OS. It is an updated version of the Android.RemoteCode.106.origin Trojan. |
|
5.4.19 |
A Trojan for Android included in SDK 呀呀云 (Ya Ya Yun). It is used in software development. This SDK provides users with an opportunity to exchange text, |
|
5.4.19 |
The malware has a valid digital signature and is distributed among cryptocurrency enthusiasts. Upon launch it downloads and compiles source code using the .NET Framework. Using the same code, it then downloads Trojan.PWS.Stealer.24943. The malware creators also use the 2n****.co service to collect information on the number of installs |
|
5.4.19 |
Executes code of the following detected threats |
|
4.4.19 |
W32.Beapy is a worm that spreads via SMB, MS SQL, or by exploiting vulnerabilities in the Windows operating system. |
|
29.3.19 |
W97M.Astraunlock is a Trojan horse that downloads potentially malicious files onto the compromised computer. |
|
28.3.19 |
Backdoor.Tinimeti is a Trojan horse that opens a backdoor on the compromised computer. |
|
28.3.19 |
Hacktool.Gobrut is a tool that works as a brute-forcing module. It tries to log into target services using credentials retrieved from a remote server. |
|
26.3.19 |
Trojan.Susafone is a Trojan horse that opens a backdoor on the compromised computer. It may also download potentially malicious files. |
|
25.3.19 |
Backdoor.Picigail is a Trojan horse that opens a backdoor on the compromised computer. |
|
25.3.19 |
Ransom.Ploc is a Trojan horse that encrypts files on the compromised computer and demands a payment to decrypt them. |
|
14.3.19 |
Backdoor.Filensfer is a Trojan horse that opens a backdoor on the compromised computer. |
|
14.3.19 |
Backdoor.Fakeslic is a Trojan horse that opens a backdoor on the compromised computer. |
|
13.3.19 |
Exp.CVE-2019-0808 is a heuristic detection for files attempting to exploit the Microsoft Windows Win32k Local Privilege Escalation Vulnerability (CVE-2019-0808). |
|
13.3.19 |
Exp.CVE-2019-0797 is a heuristic detection for files attempting to exploit the Microsoft Windows Win32k Local Privilege Escalation Vulnerability (CVE-2019-0797). |
|
13.3.19 |
W32.Extrat.C is a Trojan horse that opens a backdoor on the compromised computer. It may also download other potentially malicious files and steal information. |
|
12.3.19 |
Backdoor.Sarhus is a Trojan horse that opens a backdoor on the compromised computer. It may also download potentially malicious files. |
|
12.3.19 |
Backdoor.Xoratag is a Trojan horse that opens a backdoor on the compromised computer. It may also download potentially malicious files. |
|
9.3.19 |
Trojan.Bitartra is a Trojan horse that may perform malicious activities on the compromised computer. |
|
7.3.19 |
Win32/Filecoder.LockedFile.I is a trojan that encrypts files on fixed and network drives. To decrypt files the |
|
1.3.19 |
Exp.CVE-2018-20250 is a heuristic detection for files attempting to exploit the WinRAR Multiple Security Vulnerabilities (CVE-2018-20250). |
|
18.2.19 |
Trojan.Tinukebot.B is a Trojan horse that opens a backdoor and may perform malicious activities on the compromised computer. |
|
17.2.19 |
Infostealer.Powtief is a Trojan horse that steals information from the compromised computer. |
|
17.2.19 |
Trojan.Keymarble is a Trojan horse that downloads potentially malicious files and may perform malicious activities on the compromised computer. |
|
12.2.19 |
Hacktool.Modlishka is a tool that is used to perform operations such as injecting and ending processes on the computer. |
|
12.2.19 |
Backdoor.Scuoter is a Trojan horse that opens a backdoor on the compromised computer. |
|
12.2.19 |
Downloader.Keapot is a Trojan horse that may download potentially malicious files onto and steal information from the compromised computer. |
|
7.2.19 |
Ransom.Gogalocker is a Trojan horse that encrypts files on the compromised computer and demands a payment to decrypt them. |
|
5.2.19 |
Linux.Speakup is a Trojan horse that opens a backdoor on the compromised computer. |
|
1.2.19 |
Trojan.Formbook is a Trojan horse that steals information from the compromised computer. |
|
1.2.19 |
Backdoor.Chafpe is a Trojan horse that opens a backdoor on the compromised computer. |
|
1.2.19 |
Backdoor.Chafanty is a Trojan horse that opens a backdoor on the compromised computer. |
|
1.2.19 |
Backdoor.Chafty is a Trojan horse that opens a backdoor on the compromised computer. |
|
1.2.19 |
Backdoor.Chafpy is a Trojan horse that opens a backdoor on the compromised computer. |
|
29.1.19 |
Trojan.Vcrodat is a Trojan horse that may perform malicious activities on the compromised computer. |
|
29.1.19 |
Ransom.Anatova is a Trojan horse that encrypts files on the compromised computer and demands a payment to decrypt them. |
|
29.1.19 |
Backdoor.Kirihop is a Trojan horse that opens a backdoor on the compromised computer. |
|
28.1.19 |
Ransom.Pots is a Trojan horse that encrypts files on the compromised computer and demands a payment to decrypt them. |
|
24.1.19 | Backdoor.Exemyr | Backdoor.Exemyr is a Trojan horse that opens a backdoor on the compromised computer. |
23.1.19 | Trojan.Cartbat | Trojan.Cartbat is a Trojan horse that downloads potentially malicious files onto the compromised computer. |
19.1.19 | Ransom.Mongolock | Ransom.MongoLock is a Trojan horse that deletes files from the compromised computer and then demands a payment for their return. |
19.1.19 | Bloodhound.RTF.15 | Bloodhound.RTF.15 is a heuristic detection used to detect threats associated with the Trojan.Mdropper family of threats. |
19.1.19 | Bloodhound.RTF.16 | Bloodhound.RTF.16 is a heuristic detection used to detect threats associated with the Trojan.Mdropper family of threats. |
19.1.19 | Bloodhound.RTF.17 | Bloodhound.RTF.17 is a heuristic detection used to detect threats associated with the Trojan.Mdropper family of threats. |
19.1.19 | Bloodhound.RTF.18 | Bloodhound.RTF.18 is a heuristic detection used to detect threats associated with the Trojan.Mdropper family of threats. |
16.1.19 | Linux.Ekcorminer | Linux.Ekcorminer is a Trojan horse that uses the compromised computer's resources to mine cryptocurrency. |
15.1.19 | Bloodhound.RTF.14 | Bloodhound.RTF.14 is a heuristic detection used to detect threats associated with the Trojan.Mdropper family of threats. |
15.1.19 | Bloodhound.RTF.13 | Bloodhound.RTF.13 is a heuristic detection used to detect threats associated with the Trojan.Mdropper family of threats. |
14.1.19 | Infostealer.Vidar | Infostealer.Vidar is a Trojan horse that steals information from the compromised computer. |
14.1.19 | Trojan.Liroxod | Trojan.Liroxod is a Trojan horse that opens a backdoor on the compromised computer. It may also download potentially malicious files. |
9.1.19 | Exp.CVE-2019-0566 | Exp.CVE-2019-0566 is a heuristic detection for files attempting to exploit the Microsoft Edge Remote Privilege Escalation Vulnerability (CVE-2019-0566). |
9.1.19 | Exp.CVE-2019-0569 | Exp.CVE-2019-0569 is a heuristic detection for files attempting to exploit the Microsoft Windows Kernel Local Information Disclosure Vulnerability (CVE-2019-0569). |
4.1.19 | OSX.Windtail | OSX.Windtail is a Trojan horse that downloads potentially malicious files and may perform malicious activities on the compromised computer. |
4.1.19 | W64.Flobal | W64.Flobal is a Trojan horse that opens a backdoor on the compromised computer and steals information. |
3.1.19 | Downloader.Jumpta | Downloader.Jumpta is a Trojan horse that downloads potentially malicious files onto the compromised computer. |
1.1.19 |
Trojan.Zleloa is a Trojan horse that may perform malicious activities on the compromised computer. |