Malware 2019

DATE

NAME

INFO

CATEGORY

SUBCATE

19.12.19

Ransom.Chy Ransom.Chy is a Trojan horse that encrypts files on the compromised computer and demands a payment to decrypt them. MALWARE  

18.12.19

Trojan.Ascentor Trojan.Ascentor is a Trojan horse that may download additional files onto the compromised computer. MALWARE  

13.12.19

POL.B.PSTCscriptPdfRd POL.B.PSTCscriptPdfRd indicates the blocking of an attempt by a PDF reader application (e.g. Adobe Reader) to run Microsoft Cscript. This is an advanced attack pattern used by attackers to try to execute malicious scripts that have been successfully delivered to target machines. MALWARE

13.12.19

POL.B.PSTWscriptOffic POL.B.PSTWscriptOffic indicates the blocking of an attempt by an Office application (e.g. Word, Excel, PowerPoint) to run Microsoft Wscript. This is an advanced attack pattern used by attackers to try to execute malicious scripts that have been successfully delivered to target machines. MALWARE

13.12.19

POL.B.PSTMshtaPdfRd POL.B.PSTMshtaPdfRd indicates the blocking of an attempt by a PDF reader application (e.g. Adobe Reader) to run Mshta. This is an advanced attack pattern used by attackers to try to execute malicious HTA files, JavaScript, or VBScript to compromise target systems. MALWARE

13.12.19

POL.B.PSTWscriptPdfRd POL.B.PSTWscriptPdfRd indicates the blocking of an attempt by a PDF reader application (e.g. Adobe Reader) to run Microsoft Wscript. This is an advanced attack pattern used by attackers to try to execute malicious scripts that have been successfully delivered to target machines. MALWARE

13.12.19

POL.B.PSTBitsadmin POL.B.PSTBitsadmin indicates the blocking of an unusual attempt to run the Microsoft BITSAdmin tool. This is an advanced attack pattern used by an attacker to try to remotely copy malicious code or executables to the target system. MALWARE

13.12.19

POL.B.PSTMshtaOffice POL.B.PSTMshtaOffice indicates the blocking of an attempt by a Microsoft Office application (e.g. Word, Excel, PowerPoint) to run Mshta. This is an advanced attack pattern used by attackers to try to execute malicious HTA files, JavaScript, or VBScript to compromise target systems. MALWARE

13.12.19

POL.B.PSTPowershPdfRd POL.B.PSTPowershPdfRd indicates the blocking of an attempt by a PDF reader application (e.g. Adobe Reader) to run Microsoft PowerShell. This is an advanced attack pattern used by attackers to try to use embedded scripts in PDFs to execute malicious PowerShell commands to compr MALWARE
12.12.19 POL.B.PECMsbuild POL.B.PECMsbuild indicates the blocking of an unusual attempt by Microsoft Build Engine (MSBuild) to create a portable executable file on the local disk. This is an advanced attack pattern used by attackers to evade traditional intrusion detection systems. MALWARE

12.12.19

POL.B.PECPsexesvc POL.B.PECPsexesvc indicates the blocking of an unusual attempt by the Windows utility Psexesvc to create a portable executable file on the local disk. This is an advanced attack pattern used by attackers to evade traditional intrusion detection systems. MALWARE  

12.12.19

POL.B.RLPPsexesvc POL.B.RLPPsexesvc indicates the blocking of an unusual attempt by the Windows utility Psexesvc to modify Windows registry loadpoints. This is an advanced attack pattern used by attackers to evade traditional intrusion detection systems and alter Windows startup behavior so that malicious payloads get executed when Windows starts. MALWARE  

12.12.19

POL.B.PSTPowshOffice POL.B.PSTPowshOffice indicates the blocking of an attempt by a Microsoft Office application (e.g. Word, Excel, PowerPoint) to run Microsoft PowerShell. This is an advanced attack pattern used by attackers to try to execute malicious PowerShell commands or scripts to compromise target systems. MALWARE  

11.12.19

Trojan.Zerocleare Trojan.Zerocleare is a disk-wiping virus. When executed, it will try to overwrite the Master Boot Record (MBR) and disk partitions on Windows-based machines. MALWARE

11.12.19

Infostealer.Coonrac Infostealer.Coonrac is a Trojan horse that steals information from the compromised computer. It may also download potentially malicious files. MALWARE  

26.11.19

Ransom.Maze Ransom.Maze is a Trojan horse that encrypts files on the compromised computer and demands a payment to decrypt them. MALWARE  

14.11.19

POL.B.PSTCertutilHttp POL.B.PSTCertutilHttp indicates the blocking of an attempt by the Windows utility Certutil to download a file. This is an advanced attack technique used by attackers to evade traditional intrusion detection systems by moving away from simply downloading malicious payloads over normal network traffic. MALWARE  

14.11.19

POL.B.NPCCertutil POL.B.NPCCertutil indicates the blocking of an attempt by the Windows utility Certutil to create a portable executable file on the local disk. This is an advanced attack technique used by attackers to evade traditional intrusion detection systems. MALWARE  

14.11.19

POL.B.PECCertutil POL.B.PECCertutil indicates the blocking of an attempt by the Windows utility Certutil to create a portable executable file on the local disk. This is an advanced attack technique used by attackers to evade traditional intrusion detection systems. MALWARE  

14.11.19

Exp.CVE-2019-1429 Exp.CVE-2019-1429 is a heuristic detection for files attempting to exploit the Microsoft Internet Explorer Scripting Engine Remote Memory Corruption Vulnerability (CVE-2019-1429). MALWARE  

5.11.19

Backdoor.Wellmess Backdoor.Wellmess is a Trojan horse that opens a backdoor on the compromised computer. MALWARE  

5.11.19

Backdoor.Lookback Backdoor.Lookback is a Trojan horse that opens a backdoor on the compromised computer. MALWARE  

30.10.19

Ransom.Buran Ransom.Buran is a Trojan horse that encrypts files on the compromised computer and demands a payment to decrypt them. MALWARE  

10.10.19

Hacktool.Rotpotato Hacktool.Rotpotato is a tool used to escalate privileges on a compromised computer. MALWARE  

10.10.19

Hacktool.Avet Hacktool.Avet is a tool that encrypts a custom payload in such a way that it may evade antivirus detection. MALWARE  

8.10.19

PHP.Comminer PHP.Comminer is a worm that spreads through network shares and removable drives. It also opens a backdoor on the compromised computer, steals information, and uses the compromised computer for cryptocurrency mining. MALWARE  

2.10.19

Infostealer.Browexp Infostealer.Browexp is a Trojan horse that steals information from the compromised computer. MALWARE  

2.10.19

Trojan.Spoofane Trojan.Spoofane is a Trojan horse that may perform malicious activities on the compromised computer. MALWARE  

26.9.19

Exp.CVE-2018-8120 Exp.CVE-2018-8120 is a heuristic detection for files attempting to exploit the Microsoft Windows Kernel 'Win32k.sys' Local Privilege Escalation Vulnerability (CVE-2018-8120). MALWARE  

25.9.19

Exp.CVE-2019-1367 Exp.CVE-2019-1367 is a heuristic detection for files attempting to exploit the Microsoft Internet Explorer Scripting Engine Remote Memory Corruption Vulnerability (CVE-2019-1367). MALWARE  

20.9.19

Backdoor.Hyperbro Backdoor.Hyperbro is a Trojan horse that opens a backdoor on the compromised computer. MALWARE

19.9.19

Trojan.Golpiks Trojan.Golpiks is a Trojan horse that steals information from the compromised computer. MALWARE  

18.9.19

Exp.CVE-2019-1215 Exp.CVE-2019-1215 is a heuristic detection for files attempting to exploit the Windows Elevation of Privilege Vulnerability (CVE-2019-1215). MALWARE  

13.9.19

Ransom.Lilocked Ransom.Lilocked is a Trojan horse that encrypts files on the compromised computer and demands a payment to decrypt them. MALWARE  

5.9.19

Ransom.Hybirdmy Ransom.Hybirdmy is a Trojan horse that encrypts files on the compromised computer and demands a payment to decrypt them. MALWARE  
3.9.19 Ransom.Nemty Ransom.Nemty is a Trojan horse that encrypts files on the compromised computer and demands a payment to decrypt them. MALWARE  
3.9.19 PHP/WebShell.NEA The trojan serves as a backdoor. It can be controlled remotely. MALWARE  

30.8.19

JS.Windivert JS.Windivert is a Trojan horse that may perform malicious activities on the compromised computer. MALWARE  

30.8.19

Backdoor.Gocon Backdoor.Gocon is a Trojan horse that opens a backdoor on the compromised computer. It may also steal information and download potentially malicious files. MALWARE  

22.8.19

Backdoor.Priwidd Backdoor.Priwidd is a Trojan horse that opens a backdoor on the compromised computer. It may then perform malicious activities. MALWARE  

22.8.19

Backdoor.Pymet Backdoor.Pymet is a Trojan horse that opens a backdoor on the compromised computer. It may also download potentially malicious files and steal information. MALWARE  

21.8.19

VBS/Agent.NUG VBS/Agent.NUG serves as a backdoor. It can be controlled remotely. The trojan can use the hardware resources of the infected computer for mining the Bitcoin digital currency. MALWARE  

7.8.19

PHP/Agent.NGD The trojan serves as a backdoor. It can be controlled remotely. MALWARE  

22.7.19

Ransom.Bitpaymer Ransom.Bitpaymer is a Trojan horse that encrypts files on the compromised computer and demands a payment to decrypt them.  MALWARE  

18.7.19

Win32/Crossza.A Win32/Crossza.A is a trojan which tries to download other malware from the Internet. MALWARE  

18.7.19

Trojan.Tepok Trojan.Tepok is a Trojan horse that may perform malicious activities on the compromised computer. MALWARE  

17.7.19

Trojan.Burtopinam Trojan.Burtopinam is a Trojan horse that may perform malicious activities on the compromised computer.  MALWARE  

15.7.19

Backdoor.Hannotog

Backdoor.Hannotog is a Trojan horse that opens a backdoor on the compromised computer. 

MALWARE  

15.7.19

Win32/TrojanDownloader.Small.PET

Win32/TrojanDownloader.Small.PET is a trojan which tries to download other malware from the Internet.

MALWARE  

15.7.19

Win32/Exploit.CVE-2018-0802.A

Win32/Exploit.CVE-2018-0802.A is a trojan designed to deliver various malware to the user's systems.

MALWARE

15.7.19

Win64/GoBot2

Win64/GoBot2 serves as a backdoor. It can be controlled remotely.
MALWARE

12.7.19

Trojan.Fenkrib

Trojan.Fenkrib is a Trojan horse that downloads potentially malicious files. 

MALWARE

10.7.19

Infostealer.Astaroth

Infostealer.Astaroth is a Trojan horse that steals information from the compromised computer. 

MALWARE

3.7.19

OSX.Netwire

OSX.Netwire is a Trojan horse that opens a backdoor on the compromised computer. 

MALWARE

25.6.19

Trojan.Amadey

Trojan.Amadey is a Trojan horse that steals information from the compromised computer. 

MALWARE

25.6.19

Trojan.Malmsi

Trojan.Malmsi is a heuristic detection for Windows Installer (.msi) files that contain malicious scripts. 

MALWARE

25.6.19

Backdoor.Powerton

Backdoor.Powerton is a Trojan horse that opens a backdoor, steals information, and downloads potentially malicious files onto the compromised computer. 

MALWARE

25.6.19

Exp.CVE-2019-0888

Exp.CVE-2019-0888 is a heuristic detection for files attempting to exploit the Microsoft ActiveX Data Objects Remote Code Execution Vulnerability (CVE-2019-0888). 

MALWARE

6.6.19

OSX.Keysteal

OSX.Keysteal is a heuristic detection used to detect malware that can steal credentials from Apple's Keychain via a vulnerability in macOS 10.14.3 and below. 

MALWARE

28.5.19

Exp.CVE-2019-0752

Exp.CVE-2019-0752 is a heuristic detection for files attempting to exploit the Microsoft Internet Explorer Remote Memory Corruption Vulnerability (CVE-2019-0752). 

MALWARE

27.5.19

Backdoor.Whisperer

Backdoor.Whisperer is a Trojan horse that opens a backdoor on the compromised computer. 

MALWARE  

27.5.19

Backdoor.Tavroigu

Backdoor.Tavroigu is a Trojan horse that opens a backdoor on the compromised computer. 

MALWARE  

16.5.19

Ransom.Robbinhood

Ransom.Robbinhood is a Trojan horse that encrypts files on the compromised computer and demands a payment to decrypt them. 

MALWARE  

16.5.19

W32.Bulehero

W32.Bulehero is a worm that uses the compromised computer's resources to mine cryptocurrency. 

MALWARE  

14.5.19

Ransom.Ryuk

Ransom.Ryuk is a Trojan horse that encrypts files on the compromised computer and demands a payment to decrypt them. 

MALWARE  

8.5.19

Ransom.MegaCortex

Ransom.MegaCortex is a Trojan horse that encrypts files on the compromised computer and demands a payment to decrypt them. 

MALWARE  

18.4.19

Infostealer.Scranos

Infostealer.Scranos is a Trojan horse that steals information from the compromised computer. It may also download potentially malicious files. 

MALWARE  

10.4.19

VBS.Rosekernel

VBS.Rosekernel is a worm that spreads via removable drives and network shares. It opens a backdoor on the compromised computer and downloads potentially malicious files. 

MALWARE  

10.4.19

Backdoor.Darkteq

Backdoor.Darkteq is a Trojan horse that opens a backdoor on the compromised computer. 

MALWARE  

10.4.19

Exp.CVE-2019-0803

Exp.CVE-2019-0803 is a heuristic detection for files attempting to exploit the Microsoft Windows Kernel 'Win32k.sys' Local Privilege Escalation Vulnerability (CVE-2019-0803). 

MALWARE  

10.4.19

Exp.CVE-2019-0859

Exp.CVE-2019-0859 is a heuristic detection for files attempting to exploit the Microsoft Windows Win32k Local Privilege Escalation Vulnerability (CVE-2019-0859). 

MALWARE  

9.4.19

Infostealer.Glitchpos

Infostealer.Glitchpos is a Trojan horse that steals information from the compromised computer. 

MALWARE

5.4.19

Backdoor.Vexdoor

Backdoor.Vexdoor is a Trojan horse that opens a backdoor on the compromised computer. 

MALWARE  

5.4.19

Android.RemoteCode.152.origin

An Android Trojan that runs on devices running Android OS. It is an updated version of the Android.RemoteCode.106.origin Trojan. It is a software module that can be integrated into any application. Applications containing Android.RemoteCode.152.origin were distributed through the Google Play catalog.

MALWARE  

5.4.19

Android.RemoteCode.127.origin

A Trojan for Android included in the 呀呀云 (Ya Ya Yun) SDK, which is used in software development. This SDK lets users exchange text, voice and video messages. The main purpose of Android.RemoteCode.127.origin is the covert download and launch of additional malicious modules.

MALWARE  

5.4.19

Trojan.DownLoad4.11892

The malware has a valid digital signature and is distributed among cryptocurrency enthusiasts. Upon launch it downloads and compiles source code using the .NET Framework. Using the same code, it then downloads Trojan.PWS.Stealer.24943. The malware creators also use the 2n****.co service to collect information on the number of installs.

MALWARE  

5.4.19

Android.HiddenAds.1008

Executes code of the following detected threats

MALWARE  

4.4.19

W32.Beapy

W32.Beapy is a worm that spreads via SMB, MS SQL, or by exploiting vulnerabilities in the Windows operating system. 

MALWARE  

29.3.19

W97M.Astraunlock

W97M.Astraunlock is a Trojan horse that downloads potentially malicious files onto the compromised computer.

MALWARE  

28.3.19

Backdoor.Tinimeti

Backdoor.Tinimeti is a Trojan horse that opens a backdoor on the compromised computer. 

MALWARE  

28.3.19

Hacktool.Gobrut

Hacktool.Gobrut is a tool that works as a brute-forcing module. It tries to log into target services using credentials retrieved from a remote server. 

MALWARE  

26.3.19

Trojan.Susafone

Trojan.Susafone is a Trojan horse that opens a backdoor on the compromised computer. It may also download potentially malicious files. 

MALWARE  

25.3.19

Backdoor.Picigail

Backdoor.Picigail is a Trojan horse that opens a backdoor on the compromised computer. 

MALWARE  

25.3.19

Ransom.Ploc

Ransom.Ploc is a Trojan horse that encrypts files on the compromised computer and demands a payment to decrypt them. 

MALWARE  

14.3.19

Backdoor.Filensfer

Backdoor.Filensfer is a Trojan horse that opens a backdoor on the compromised computer. 

MALWARE  

14.3.19

Backdoor.Fakeslic

Backdoor.Fakeslic is a Trojan horse that opens a backdoor on the compromised computer. 

MALWARE  

13.3.19

Exp.CVE-2019-0808

Exp.CVE-2019-0808 is a heuristic detection for files attempting to exploit the Microsoft Windows Win32k Local Privilege Escalation Vulnerability (CVE-2019-0808). 

MALWARE  

13.3.19

Exp.CVE-2019-0797

Exp.CVE-2019-0797 is a heuristic detection for files attempting to exploit the Microsoft Windows Win32k Local Privilege Escalation Vulnerability (CVE-2019-0797). 

MALWARE  

13.3.19

W32.Extrat.C

W32.Extrat.C is a Trojan horse that opens a backdoor on the compromised computer. It may also download other potentially malicious files and steal information. 

MALWARE  

12.3.19

Backdoor.Sarhus

Backdoor.Sarhus is a Trojan horse that opens a backdoor on the compromised computer. It may also download potentially malicious files.

MALWARE  

12.3.19

Backdoor.Xoratag

Backdoor.Xoratag is a Trojan horse that opens a backdoor on the compromised computer. It may also download potentially malicious files.

MALWARE  

9.3.19

Trojan.Bitartra

Trojan.Bitartra is a Trojan horse that may perform malicious activities on the compromised computer.

MALWARE  

7.3.19

Win32/Filecoder.LockedFile.I

Win32/Filecoder.LockedFile.I is a trojan that encrypts files on fixed and network drives. To decrypt files, the user is requested to comply with given conditions in exchange for a password/instructions.

MALWARE

1.3.19

Exp.CVE-2018-20250

Exp.CVE-2018-20250 is a heuristic detection for files attempting to exploit the WinRAR Multiple Security Vulnerabilities (CVE-2018-20250).

MALWARE  

18.2.19

Trojan.Tinukebot.B

Trojan.Tinukebot.B is a Trojan horse that opens a backdoor and may perform malicious activities on the compromised computer. 

MALWARE  

17.2.19

Infostealer.Powtief

Infostealer.Powtief is a Trojan horse that steals information from the compromised computer. 

MALWARE  

17.2.19

Trojan.Keymarble

Trojan.Keymarble is a Trojan horse that downloads potentially malicious files and may perform malicious activities on the compromised computer. 

MALWARE  

12.2.19

Hacktool.Modlishka

Hacktool.Modlishka is a tool that is used to perform operations such as injecting and ending processes on the computer.

MALWARE  

12.2.19

Backdoor.Scuoter

Backdoor.Scuoter is a Trojan horse that opens a backdoor on the compromised computer.

MALWARE  

12.2.19

Downloader.Keapot

Downloader.Keapot is a Trojan horse that may download potentially malicious files onto and steal information from the compromised computer.

MALWARE  

7.2.19

Ransom.Gogalocker

Ransom.Gogalocker is a Trojan horse that encrypts files on the compromised computer and demands a payment to decrypt them.

MALWARE  

5.2.19

Linux.Speakup

Linux.Speakup is a Trojan horse that opens a backdoor on the compromised computer.

MALWARE  

1.2.19

Trojan.Formbook

Trojan.Formbook is a Trojan horse that steals information from the compromised computer.

MALWARE  

1.2.19

Backdoor.Chafpe

Backdoor.Chafpe is a Trojan horse that opens a backdoor on the compromised computer.

MALWARE  

1.2.19

Backdoor.Chafanty

Backdoor.Chafanty is a Trojan horse that opens a backdoor on the compromised computer.

MALWARE  

1.2.19

Backdoor.Chafty

Backdoor.Chafty is a Trojan horse that opens a backdoor on the compromised computer.

MALWARE  

1.2.19

Backdoor.Chafpy

Backdoor.Chafpy is a Trojan horse that opens a backdoor on the compromised computer.

MALWARE  

29.1.19

Trojan.Vcrodat

Trojan.Vcrodat is a Trojan horse that may perform malicious activities on the compromised computer.

MALWARE  

29.1.19

Ransom.Anatova

Ransom.Anatova is a Trojan horse that encrypts files on the compromised computer and demands a payment to decrypt them.

MALWARE  

29.1.19

Backdoor.Kirihop

Backdoor.Kirihop is a Trojan horse that opens a backdoor on the compromised computer.

MALWARE

28.1.19

Ransom.Pots

Ransom.Pots is a Trojan horse that encrypts files on the compromised computer and demands a payment to decrypt them.

MALWARE  
24.1.19 Backdoor.Exemyr Backdoor.Exemyr is a Trojan horse that opens a backdoor on the compromised computer. MALWARE  
23.1.19 Trojan.Cartbat Trojan.Cartbat is a Trojan horse that downloads potentially malicious files onto the compromised computer. MALWARE  
19.1.19 Ransom.Mongolock Ransom.MongoLock is a Trojan horse that deletes files from the compromised computer and then demands a payment for their return. MALWARE
19.1.19 Bloodhound.RTF.15 Bloodhound.RTF.15 is a heuristic detection used to detect threats associated with the Trojan.Mdropper family of threats. MALWARE  
19.1.19 Bloodhound.RTF.16 Bloodhound.RTF.16 is a heuristic detection used to detect threats associated with the Trojan.Mdropper family of threats. MALWARE  
19.1.19 Bloodhound.RTF.17 Bloodhound.RTF.17 is a heuristic detection used to detect threats associated with the Trojan.Mdropper family of threats. MALWARE  
19.1.19 Bloodhound.RTF.18 Bloodhound.RTF.18 is a heuristic detection used to detect threats associated with the Trojan.Mdropper family of threats. MALWARE
16.1.19 Linux.Ekcorminer Linux.Ekcorminer is a Trojan horse that uses the compromised computer's resources to mine cryptocurrency. MALWARE  
15.1.19 Bloodhound.RTF.14 Bloodhound.RTF.14 is a heuristic detection used to detect threats associated with the Trojan.Mdropper family of threats. MALWARE  
15.1.19 Bloodhound.RTF.13 Bloodhound.RTF.13 is a heuristic detection used to detect threats associated with the Trojan.Mdropper family of threats. MALWARE  
14.1.19 Infostealer.Vidar Infostealer.Vidar is a Trojan horse that steals information from the compromised computer. MALWARE  
14.1.19 Trojan.Liroxod Trojan.Liroxod is a Trojan horse that opens a backdoor on the compromised computer. It may also download potentially malicious files. MALWARE  
9.1.19 Exp.CVE-2019-0566 Exp.CVE-2019-0566 is a heuristic detection for files attempting to exploit the Microsoft Edge Remote Privilege Escalation Vulnerability (CVE-2019-0566). MALWARE  
9.1.19 Exp.CVE-2019-0569 Exp.CVE-2019-0569 is a heuristic detection for files attempting to exploit the Microsoft Windows Kernel Local Information Disclosure Vulnerability (CVE-2019-0569). MALWARE  
4.1.19 OSX.Windtail OSX.Windtail is a Trojan horse that downloads potentially malicious files and may perform malicious activities on the compromised computer. MALWARE  
4.1.19 W64.Flobal W64.Flobal is a Trojan horse that opens a backdoor on the compromised computer and steals information. MALWARE  
3.1.19 Downloader.Jumpta Downloader.Jumpta is a Trojan horse that downloads potentially malicious files onto the compromised computer. MALWARE  

1.1.19

Trojan.Zleloa

Trojan.Zleloa is a Trojan horse that may perform malicious activities on the compromised computer.

MALWARE