Attention: We will be transitioning to a new AAD or Microsoft Entra ID from the week of May 20, 2024. In case your tenant requires admin consent, please refer to this document located at Overview of user and admin consent - Microsoft Entra ID | Microsoft Learn and grant access to App ID: 6ba09155-cb24-475b-b24f-b4e28fc74365 with graph permissions for Directory.Read.All and User.Read for continued access.
500 entries found.
Displaying page 1
of 25.
PWS:Win32/Lineage.CC
PWS:Win32/Lineage.CC is a password stealing trojan that targets popular online games. It may drop and load a payload component that performs the data theft, and a rootkit component that hides the trojan and its associated components from the affected user.
Alert level:
severe
VirTool:Win32/Obfuscator.BJ
VirTool:Win32/Obfuscator are detections for programs that have had their purpose obfuscated to hinder analysis or detection by anti-virus scanners. They commonly employ a combination of methods including encryption, compression, anti-debugging and anti-emulation techniques.
Alert level:
severe
VirTool:Win32/Obfuscator.CO
VirTool:Win32/Obfuscator are detections for programs that have had their purpose obfuscated to hinder analysis or detection by anti-virus scanners. They commonly employ a combination of methods including encryption, compression, anti-debugging and anti-emulation techniques.
Alert level:
severe
VirTool:Win32/Obfuscator.HE
VirTool:Win32/Obfuscator are detections for programs that have had their purpose obfuscated to hinder analysis or detection by anti-virus scanners. They commonly employ a combination of methods including encryption, compression, anti-debugging and anti-emulation techniques.
Alert level:
severe
VirTool:Win32/CeeInject.gen!DI
VirTool:Win32/CeeInject.gen!DI is a generic detection for malicious files that are obfuscated using particular techniques to protect them from detection or analysis.
Alert level:
severe
VirTool:Win32/VBInject.gen!FF
VirTool:Win32/VBInject.gen!FF is a generic detection for malicious files that are obfuscated using particular techniques to protect them from detection or analysis.
Alert level:
severe
VirTool:Win32/Ceeinject.gen!DV
VirTool:Win32/Ceeinject.gen!DV is a generic detection for malicious files that are obfuscated using particular techniques to protect them from detection or analysis.
Alert level:
severe
VirTool:Win32/Obfuscator.HZ
VirTool:Win32/Obfuscator are detections for programs that have had their purpose obfuscated to hinder analysis or detection by anti-virus scanners. They commonly employ a combination of methods including encryption, compression, anti-debugging and anti-emulation techniques.
Alert level:
severe
VirTool:Win32/VBInject.DR
VirTool:Win32/VBInject.DR is a detection for obfuscated Visual Basic compiled malicious code. The malicious code or file is usually encrypted and/or compressed, and is decrypted and decoded before it is injected into a process or dropped and executed.
Alert level:
severe
VirTool:Win32/Obfuscator.IG
VirTool:Win32/Obfuscator are detections for programs that have had their purpose obfuscated to hinder analysis or detection by anti-virus scanners. They commonly employ a combination of methods including encryption, compression, anti-debugging and anti-emulation techniques.
Alert level:
severe
VirTool:INF/Autorun.gen
Windows Defender detects and removes this threat.
The autorun.inf file is created by worms when they copy themselves to a local, network, or removable drive.
Some worms can spread to other PCs by infecting removable drives that you have plugged into your PC (such as USB drives or portable hard disks). If you plug those drives into another PC, the worm will infect that PC as well.
This is a common way for malware to spread. However, autorun.inf files on their own are not necessarily a sign of infection, they are also used by legitimate programs.
Alert level:
severe
VirTool:INF/Autorun.gen!W
VirTool:INF/Autorun.gen!W is a detection for "autorun.inf" files that may be used by worms when spreading to local, network, or removable drives. When copying themselves to a drive, worms can create a file named "autorun.inf", which contains execution instructions for the operating system. When the drive is viewed using Windows Explorer, "autorun.inf" runs, thus executing the worm copy.
It should be noted that "autorun.inf" files on their own are not necessarily a sign of infection, as they are used by legitimate programs and installation CDs.
Alert level:
severe
VirTool:JS/Obfuscator.AP
VirTool:JS/Obfuscator are detections for programs that have had their purpose obfuscated to hinder analysis or detection by anti-virus scanners. They commonly employ a variety of techniques such as encryption.
Alert level:
severe
VirTool:Win32/VBInject.OB
VirTool:Win32/VBInject.OB is a generic detection for malicious files that are obfuscated using particular techniques to protect them from detection or analysis.
Alert level:
severe
VirTool:Win32/VBInject.NP
VirTool:Win32/VBInject.NP is a generic detection for malicious files that are obfuscated using particular techniques to protect them from detection or analysis.
Alert level:
severe
VirTool:Win32/VBInject.OG
VirTool:Win32/VBInject.OG is a generic detection for malicious files that are obfuscated using particular techniques to protect them from detection or analysis.
Alert level:
severe
VirTool:Win32/VBInject.MP
VirTool:Win32/VBInject.MP is a generic detection for malicious files that are obfuscated using particular techniques to protect them from detection or analysis.
Alert level:
severe
VirTool:JS/Obfuscator.AU
VirTool:JS/Obfuscator are detections for programs that have had their purpose obfuscated to hinder analysis or detection by anti-virus scanners. They commonly employ a variety of techniques such as encryption.
Alert level:
severe
VirTool:Win32/VBInject.OM
VirTool:Win32/VBInject.OM is a generic detection for malicious files that are obfuscated using particular techniques to protect them from detection or analysis.
Alert level:
severe
VirTool:JS/Obfuscator.AD
VirTool:JS/Obfuscator are detections for programs that have had their purpose obfuscated to hinder analysis or detection by anti-virus scanners. They commonly employ a variety of techniques such as encryption.
Alert level:
severe