This Trojan is designed to steal confidential information (user passwords). It is designed to steal a range of confidential information.

It is a Windows PE EXE file. The file is approximately 23KB in size. It is packed using UPX. The unpacked file is approximately 250KB in size. It is written…

This Trojan is a modified Windows %System%\drivers\etc\hosts file, which is used to translate domain names (DNS) to IP addresses. The modified file is 910 bytes in size. The file is modified in such a way as to prevent the user from viewing the sites listed below.
The following strings are added to…

This Trojan is designed to install other Trojan programs to the victim machine without the knowledge or consent of the user. The main file is a Justsystem Ichitaro (JTD) file 85,739 bytes in size.

Ichitaro is the most popular Japanese text editing program.

This Trojan is designed to install other Trojan programs to the victim machine without the knowledge or consent of the user. The main file is a Justsystem Ichitaro (JTD) file 83,992 bytes in size.

Ichitaro is the most popular Japanese text editing program.

This Trojan is a JavaScript scenario. The size depends on the size of the web page into which the Trojan is integrated.
Installation
When an infected page is opened, the Trojan creates a file called “EA.hta” in the Startup folder:
%Startup%\EA.hta.

This Trojan is a JavaScript scenario. The size depends on the size of the web page into which the Trojan is integrated.

This email worm will send itself to all email address in the MS Outlook address book. The file is 1,373 bytes in size.
Installation
The worm copies itself to the current user’s start menu as “WinBoot.js”. This ensures that the worm will be launched next time the system is started:
%Documents and…

This Trojan provides a remote malicious user with access to the victim machine. It is a Windows PE EXE file. The file is 5,040 bytes in size.

Installation

When launched, the Trojan copies its executable file to the Windows system directory:

%System%\com.exe

It also creates the following…

This Trojan downloads files via the Internet without the knowledge or consent of the user. It is a Windows PE EXE file. It is 23,040 bytes in size.

Installation

When launched, the Trojan copies its executable file to the Windows system directory:

%System%\isca.exe

The Trojan also adds the…

This Trojan is designed to steal confidential data. It is a Windows PE EXE file. The file is 33,545 bytes in size. It is packed using FSG. The unpacked file is approximately 130KB in size.

Installation

When launched, the Trojan copies its executable file to the Windows system directory:…

This Trojan downloads other programs via the Internet and launches them for execution on the victim machine without the user’s knowledge or consent. The Trojan is a Windows PE EXE file. The file is approximately 9KB in size. It is packed using PECompact. The unpacked file is approximately…

This Trojan can be used for remote administration of the victim machine. It provides a malicious user with the ability to perform operations via IRC. It is a Windows PE EXE file, and is 207,872 bytes in size.

Installation

When installing, the backdoor copies its executable file to the Windows…

This Trojan has a malicious payload. It is 343 bytes in size, and written in Visual Basic Script.

This worm is a Windows PE EXE file, which is 89,116 bytes in size, and packed using Upack. The unpacked file is approximately 237KB in size.

Installation

When launching, the worm creates the following files:

%System%\msjidpmo.dll
%System%\msssmsda.dll
%System%\msssmsda.exe

It also creates the…

This modification of Warezov is a component which is used by other program versions in the same family.

The component is sent by the worm as an attachment to infected emails. It is a Windows PE EXE file, 16,609 bytes in size, packed using Upack. The unpacked file is approximately 94KB in size.