Posts tagged Nemucod

Nemucod, a variant named after the dropper used to deliver the malicious payload, targets Windows OS and is distributed via spam emails containing ZIP files which, in turn, contain a JavaScript file. Once executed, the JavaScript file downloads the following 5 files onto the infected system: a.exe,, a1.exe, a2.exe, a.php, and php4ts.dll.

Read More