msil Backdoor.MSIL.BLADABINDI.THA By www.trendmicro.com Published On :: Mon, 21 Sep 2020 07:00:00 -0700 Threat type: Backdoor Aliases: Backdoor:MSIL/Bladabindi.SBR!MSR (Microsoft), MSIL:Bladabindi-JK [Trj] (AVAST) Platforms: Windows Overall Risk Rating: Low Damage Potential: Medium Distribution Potential: Low Reported Infection: Low Information Exposure: High Overview: Cybercriminals used this malware bundled with legitimate installation copies of the VPN software known as Windscribe. Note that these copies are hosted from fraudulent sources. This Backdoor arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It executes commands from a remote malicious user, effectively compromising the affected system. It gathers certain information on the affected computer. It logs a user's keystrokes to steal information.
msil Backdoor.MSIL.SUNBURST.A By www.trendmicro.com Published On :: Mon, 14 Dec 2020 07:00:00 -0800 Threat type: Backdoor Aliases: Trojan:MSIL/Solorigate.B!dha (Microsoft); Trj/Solorigate.A (Panda) Platforms: Windows Overall Risk Rating: Low Damage Potential: High Distribution Potential: Low Reported Infection: Low Information Exposure: Medium Overview: This Backdoor arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It executes commands from a remote malicious user, effectively compromising the affected system.
msil Trojan.MSIL.SUPERNOVA.A By www.trendmicro.com Published On :: Mon, 14 Dec 2020 07:00:00 -0800 Threat type: Trojan Aliases: MSIL/Agent.5676!tr (FORTINET) Platforms: Windows Overall Risk Rating: Low Damage Potential: High Distribution Potential: Low Reported Infection: Low Information Exposure: Low Overview: This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It may be hosted on a website and run when a user accesses the said website. It executes commands from a remote malicious user, effectively compromising the affected system.
msil Ransom.MSIL.COBRALOCKER.AA By www.trendmicro.com Published On :: Mon, 11 Jan 2021 07:00:00 -0800 Threat type: Ransomware Aliases: Trojan-Ransom.FileCrypter (IKARUS), W32/Encoder.AFA!tr (FORTINET) Platforms: Windows Overall Risk Rating: Low Damage Potential: High Distribution Potential: Low Reported Infection: Low Information Exposure: Low Overview: This Ransomware may be dropped by other malware.
msil Ransom.MSIL.THANOS.THABGBA By www.trendmicro.com Published On :: Wed, 03 Feb 2021 07:00:00 -0800 Threat type: Ransomware Aliases: Trojan-Ransom.Thanos (Ikarus), HEUR:Trojan-Ransom.MSIL.Encoder.gen (Kaspersky) Platforms: Windows Overall Risk Rating: Low Damage Potential: High Distribution Potential: Low Reported Infection: Low Information Exposure: Low Overview: This Ransomware arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It may be dropped by other malware. It creates certain registry entries to disable applications related to security. It encrypts files with specific file extensions. It drops files as ransom notes.
msil Ransom.MSIL.POVLSOM.THBAOBA By www.trendmicro.com Published On :: Sat, 06 Feb 2021 07:00:00 -0800 Threat type: Ransomware Aliases: Ransom:MSIL/Filecoder.EY!MTB (MICROSOFT), Trojan-Ransom.FileCrypter (IKARUS) Platforms: Windows Overall Risk Rating: Low Damage Potential: Medium Distribution Potential: Low Reported Infection: Low Information Exposure: Low Overview: This Ransomware arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites.
msil TrojanSpy.MSIL.REDLINESTEALER.YXBDM By www.trendmicro.com Published On :: Fri, 09 Apr 2021 07:00:00 -0700 Threat type: Trojan Spy Aliases: MSIL/Kryptik.AAHQ!tr (FORTINET); Trj/GdSda.A (PANDA) Platforms: Windows Overall Risk Rating: Low Damage Potential: Medium Distribution Potential: Low Reported Infection: Low Information Exposure: High Overview: This Trojan Spy arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It executes commands from a remote malicious user, effectively compromising the affected system. It connects to a website to send and receive information.
msil TrojanSpy.MSIL.REDLINESTEALER.YXBDN By www.trendmicro.com Published On :: Fri, 09 Apr 2021 07:00:00 -0700 Threat type: Trojan Spy Aliases: a variant of MSIL/Kryptik.AAHN trojan (NOD32); PWS-FCXD!F291EAD13EAD (NAI) Platforms: Windows Overall Risk Rating: Low Damage Potential: Medium Distribution Potential: Low Reported Infection: Low Information Exposure: High Overview: This Trojan Spy arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It executes commands from a remote malicious user, effectively compromising the affected system. It connects to a website to send and receive information.
msil Ransom.MSIL.CHAOS.A By www.trendmicro.com Published On :: Mon, 09 Aug 2021 07:00:00 -0700 Threat type: Ransomware Aliases: HEUR:Trojan.MSIL.Fsysna.gen (Kaspersky) Platforms: Windows Overall Risk Rating: Low Damage Potential: High Distribution Potential: Low Reported Infection: Low Information Exposure: Low Overview: This Ransomware arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It encrypts files found in specific folders.
msil Trojan.MSIL.WHISPERGATE.YXCAQ By www.trendmicro.com Published On :: Tue, 18 Jan 2022 07:00:00 -0800 Threat type: Trojan Aliases: DoS:Win32/WhisperGate.I!dha (MICROSOFT) Platforms: Windows Overall Risk Rating: Low Damage Potential: Medium Distribution Potential: Low Reported Infection: Low Information Exposure: Low Overview: This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites.
msil Ransom.MSIL.EGOGEN.THEBBBC By www.trendmicro.com Published On :: Mon, 05 Jun 2023 07:00:00 -0700 Threat type: Ransomware Aliases: Trojan:MSIL/XWormRAT.A!MTB (MICROSOFT) Platforms: Windows Overall Risk Rating: Low Damage Potential: Medium Distribution Potential: Low Reported Infection: Low Information Exposure: High Overview: This Ransomware arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It adds certain registry entries to disable the Task Manager. This action prevents users from terminating the malware process, which can usually be done via the Task Manager. It terminates itself if it detects it is being run in a virtual environment. It encrypts files with specific file extensions. It drops files as ransom notes. It avoids encrypting files with the following file extensions.
msil .NET Instrumentation Via MSIL Bytecode Injection By packetstormsecurity.com Published On :: Fri, 12 Jan 2018 14:44:44 GMT Whitepaper from Phrack called .NET Instrumentation via MSIL bytecode injection.
msil Ransom.MSIL.FREEZING.A By www.trendmicro.com Published On :: Thu, 27 Jun 2019 00:00:00 GMT Overall Risk Rating: Low Overview: This ransomware is one of the few ransomware families that is loaded and executed under the legitimate PowerShell executable. It is also one of the few that uses restart session manager to terminate processes that have associated files it tries to encrypt. This Ransomware arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It drops files as ransom notes.
msil Backdoor.MSIL.REMCOS.AOJ By www.trendmicro.com Published On :: Tue, 19 Nov 2019 00:00:00 GMT Overall Risk Rating: Low Overview: This malware was seen delivered via malicious spam spoofing the brand DHL as the sender. It came as an .ISO attachment. It is possibly used for spearphishing activities. This Backdoor arrives as an attachment to email messages spammed by other malware/grayware or malicious users. It arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It executes commands from a remote malicious user, effectively compromising the affected system.