10 entries found.
Win32/Zlob
Win32/Zlob is a family of Trojans that modify Internet Explorer settings, redirect the default internet search and home pages, and attempt to download and execute malicious software from the Internet.
Alert level: high
Trojan:Win32/Zlob.GL
Trojan:Win32/Zlob.GL is a dropped component of Trojan:Win32/Zlob.GL!dr. Win32/Zlob refers to a large multi-component family of malware that modifies Internet Explorer's settings, alters and redirects the user's default Internet search page and home page, and attempts to download and execute arbitrary files (including additional malicious software). The Win32/Zlob family has also been associated with rogue security programs that display misleading warnings regarding bogus malware infections.
Alert level: severe
TrojanDownloader:Win32/Zlob.AFM
TrojanDownloader:Win32/Zlob.AFM is the detection for a BHO (Browser Helper Object) that may arrive on the system by being installed by the user, because it purports to be a "video codec"; the codec installer actually installs the BHO detected as this trojan.
Alert level: severe
TrojanDownloader:Win32/Dontovo.A
Win32/Dontovo.A is a trojan that downloads and executes arbitrary files.
Alert level: severe
Trojan:Win32/Zlob
Alert level: severe
Backdoor:Win32/Zlob
Alert level: severe
TrojanDropper:Win32/Zlob
Alert level: severe
TrojanClicker:Win32/Zlob
Alert level: severe
TrojanDownloader:Win32/Zlob
TrojanDownloader:Win32/Zlob is generic detection for a component of the greater Win32/Zlob malware family. Win32/Zlob refers to a large multi-component family of malware that modifies Internet Explorer's settings, alters and redirects the user's default Internet search page and home page, and attempts to download and execute arbitrary files (including additional malicious software). The Win32/Zlob family has also been associated with rogue security programs that display misleading warnings regarding bogus malware infections.
Alert level: severe
Backdoor:Win32/Nuwar.A!ini
Backdoor:Win32/Nuwar.A!ini is a configuration file used by Backdoor:Win32/Nuwar.A!sys. The file is dropped by Backdoor:Win32/Nuwar.A!sys, and contains a list of peers to connect to, as well as other information pertaining to the Trojan’s distributed peer-to-peer network.
The file itself is not malicious; rather, it is an indication of infection by Win32/Nuwar.
Alert level: severe