Security home

 

Home / malwarePDF  

TrojanDownloader:JS/Cryxos.B


First posted on 29 August 2017.
Source: Microsoft

Aliases :

There are no other names known for TrojanDownloader:JS/Cryxos.B.

Explanation :

This malicious JavaScript connects to the following remote servers to download its payload:

  • hxxp://eurytionedge[.]men/admin[.]php?f=1[.]doc
  • hxxp://corymbusadvisor[.]men/admin[.]php?f=1[.]doc
  • hxxp://asbetosgem[.]trade/admin[.]php?f=1[.]doc
  • hxxp://phaennabazaar[.]trade/admin[.]php?f=1[.]doc
  • hxxp://dolopolesasz[.]com/admin[.]php?f=1[.]doc


We have observed this threat download and execute the following malware:
  • Ransom:Win32/Betisrypt
  • Ransom:Win32/Cerber

Last update 29 August 2017

 

TOP

Malware :

Family: