| ID | Payload | Description | Keyword |
| 1 | Attack security software | Lower security level, disable security applications | Antivirus, firewall, security | 2 | Hijack Session | Intercept connections or communication channels | Hijack, affiliate, redirect | 3 | Popup advertisements | Show ads out of contexts or overlap others | Pop-up, pop-under | 4 | Information theft | Collect sensitive data and keystrokes, send to attackers | Passwords, information | 5 | Configuration change | Modify homepage, preference, bookmarks, registry | Folder, registry, config | 6 | Arbitrary commands | Execute arbitrary programs by attackers | Arbitrary code, execute, run | 7 | Download software | Act as downloaders or droppers for extra programs | Download, drop | 8 | Terminate process | Kill system daemons or network applications | Terminate, kill, stop | 9 | Network connection | Open network connections to grant attacker full control | Connect, proxy | 10 | File manipulation | Add, modify, move, or delete system/data files | File, overwrite, load, move |
|
|