Attention: We will be transitioning to a new AAD or Microsoft Entra ID from the week of May 20, 2024. In case your tenant requires admin consent, please refer to this document located at Overview of user and admin consent - Microsoft Entra ID | Microsoft Learn and grant access to App ID: 6ba09155-cb24-475b-b24f-b4e28fc74365 with graph permissions for Directory.Read.All and User.Read for continued access.
500 entries found.
Displaying page 1
of 25.
PWS:Win32/Lineage.CC
PWS:Win32/Lineage.CC is a password stealing trojan that targets popular online games. It may drop and load a payload component that performs the data theft, and a rootkit component that hides the trojan and its associated components from the affected user.
Alert level:
severe
VirTool:Win32/Injector.gen!CO
VirTool:Win32/Injector.gen!CO is a generic detection for malicious files that are obfuscated using particular techniques to protect them from detection or analysis.
Alert level:
severe
VirTool:Win32/Injector.gen!CA
VirTool:Win32/Injector.gen!CA is a generic detection for malicious files that are obfuscated using particular techniques to protect them from detection or analysis.
Alert level:
severe
VirTool:Win32/VBInject.TP
VirTool:Win32/VBInject.TP is a generic detection for malicious files that are obfuscated using particular techniques to protect them from detection or analysis.
Alert level:
severe
VirTool:Win32/VBInject.UA
VirTool:Win32/VBInject.UA is a generic detection for malicious files that are obfuscated using particular techniques to protect them from detection or analysis.
Alert level:
severe
VirTool:INF/Autorun.gen
Windows Defender detects and removes this threat.
The autorun.inf file is created by worms when they copy themselves to a local, network, or removable drive.
Some worms can spread to other PCs by infecting removable drives that you have plugged into your PC (such as USB drives or portable hard disks). If you plug those drives into another PC, the worm will infect that PC as well.
This is a common way for malware to spread. However, autorun.inf files on their own are not necessarily a sign of infection, they are also used by legitimate programs.
Alert level:
severe
VirTool:Win32/CeeInject.gen!DI
VirTool:Win32/CeeInject.gen!DI is a generic detection for malicious files that are obfuscated using particular techniques to protect them from detection or analysis.
Alert level:
severe
VirTool:Win32/VBInject.gen!FF
VirTool:Win32/VBInject.gen!FF is a generic detection for malicious files that are obfuscated using particular techniques to protect them from detection or analysis.
Alert level:
severe
VirTool:Win32/Ceeinject.gen!DV
VirTool:Win32/Ceeinject.gen!DV is a generic detection for malicious files that are obfuscated using particular techniques to protect them from detection or analysis.
Alert level:
severe
VirTool:Win32/Obfuscator.HR
VirTool:Win32/Obfuscator are detections for programs that have had their purpose obfuscated to hinder analysis or detection by anti-virus scanners. They commonly employ a combination of methods including encryption, compression, anti-debugging and anti-emulation techniques.
Alert level:
severe
VirTool:Win32/Tibs.E.dll
VirTool:Win32/Tibs.E.dll is a user-mode rootkit that may be dropped by a variant of Win32/Tibs or by variants of other malicious software. VirTool:Win32/Tibs.E.dll is injected into certain types of processes in order to hide certain malicious software on the computer.
Alert level:
severe
VirTool:Win32/Obfuscator.A
VirTool:Win32/Obfuscator are detections for programs that have had their purpose obfuscated to hinder analysis or detection by anti-virus scanners. They commonly employ a combination of methods including encryption, compression, anti-debugging and anti-emulation techniques.
Alert level:
severe
VirTool:Win32/Obfuscator.H
VirTool:Win32/Obfuscator are detections for programs that have had their purpose obfuscated to hinder analysis or detection by anti-virus scanners. They commonly employ a combination of methods including encryption, compression, anti-debugging and anti-emulation techniques.
Alert level:
severe
VirTool:Win32/Obfuscator.O
VirTool:Win32/Obfuscator are detections for programs that have had their purpose obfuscated to hinder analysis or detection by anti-virus scanners. They commonly employ a combination of methods including encryption, compression, anti-debugging and anti-emulation techniques.
Alert level:
severe
VirTool:Win32/VBInject.DN
VirTool:Win32/VBInject.DN is a detection for an obfuscator wrapper used by malicious executables. The malicious executable is usually encrypted/compressed and stored inside the wrapper. When executed, it decodes the malicious executable and injects it into a clean process, for example, "explorer.exe", or loads it into a new process of its own.
Alert level:
severe
VirTool:WinNT/Cutwail.K
Cutwail is a trojan which is able to download and executes arbitrary files. Downloaded files may be executed from disk or injected directly into another process. Whilst the functionality of the files that are downloaded may change, Cutwail usually downloads a trojan which is able to send spam. Cutwail also employs rootkit and other defensive techniques to avoid detection and removal.
VirTool:WinNT/Cutwail.K is a device driver component (rootkit) used by Cutwail malware family.
It contains functionality to modify the system's winlogon.exe.
Alert level:
severe
VirTool:Win32/Obfuscator.BJ
VirTool:Win32/Obfuscator are detections for programs that have had their purpose obfuscated to hinder analysis or detection by anti-virus scanners. They commonly employ a combination of methods including encryption, compression, anti-debugging and anti-emulation techniques.
Alert level:
severe
VirTool:Win32/Obfuscator.CO
VirTool:Win32/Obfuscator are detections for programs that have had their purpose obfuscated to hinder analysis or detection by anti-virus scanners. They commonly employ a combination of methods including encryption, compression, anti-debugging and anti-emulation techniques.
Alert level:
severe
VirTool:Win32/Obfuscator.HE
VirTool:Win32/Obfuscator are detections for programs that have had their purpose obfuscated to hinder analysis or detection by anti-virus scanners. They commonly employ a combination of methods including encryption, compression, anti-debugging and anti-emulation techniques.
Alert level:
severe
VirTool:Win32/Obfuscator.GH
VirTool:Win32/Obfuscator are detections for programs that have had their purpose obfuscated to hinder analysis or detection by anti-virus scanners. They commonly employ a combination of methods including encryption, compression, anti-debugging and anti-emulation techniques.
Alert level:
severe