SecurityHome.eu TrojanDownloader:JS/Cryxos.B

Home / malware PDF

TrojanDownloader:JS/Cryxos.B

First posted on 29 August 2017.
Source: Microsoft
Aliases :
There are no other names known for TrojanDownloader:JS/Cryxos.B.
Explanation :
This malicious JavaScript connects to the following remote servers to download its payload:

hxxp://eurytionedge[.]men/admin[.]php?f=1[.]doc

hxxp://corymbusadvisor[.]men/admin[.]php?f=1[.]doc

hxxp://asbetosgem[.]trade/admin[.]php?f=1[.]doc

hxxp://phaennabazaar[.]trade/admin[.]php?f=1[.]doc

hxxp://dolopolesasz[.]com/admin[.]php?f=1[.]doc

We have observed this threat download and execute the following malware:

Ransom:Win32/Betisrypt

Ransom:Win32/Cerber

Last update 29 August 2017

TOP

Malware :

Dridex
Shamoon 2
Hitler-Ransomware
Trojan.Win32.Vicepass.A
ButterflyBot.A

Last 20

Family:

TrojanDownloader:JS/Cryxos.B