Change logs for security intelligence update version 1.389.986.0

This page lists newly added and updated threat detections included in security intelligence updates for Microsoft Defender Antivirus and other Microsoft antimalware. If you don’t find the latest security intelligence update version in the selector below, please refresh this page or let us know us know through the feedback smiley.

Looking for the latest update? Download the latest update

Security intelligence update version

Released on

5/11/2023 11:47:07 PM

Added threat detections

Name	Severity
Backdoor:MSIL/Crysen!MTB	severe
Ransom:Win64/Cactus.PB!MTB	severe
Trojan:HTML/Phish.JSE	severe
Trojan:Java/Tnega.PRT!MTB	severe
Trojan:JS/Obfuse.PRWE!MTB	severe
Trojan:JS/Qakbot.PRT!MTB	severe
Trojan:MSIL/AgentTesla.SMJL	severe
Trojan:MSIL/ColdCryptor!MTB	severe
Trojan:MSIL/DarkTortilla.PSNP!MTB	severe
Trojan:MSIL/Marsilia!MTB	severe
Trojan:MSIL/Redline.PSNO!MTB	severe
Trojan:MSIL/Rozena.GIF!MTB	severe
Trojan:MSIL/SnakeKeylogger.SPAM!MTB	severe
Trojan:PDF/Phish.TSC!MTB	severe
Trojan:Win32/Babar.RC!MTB	severe
Trojan:Win32/Drixed.RPZ!MTB	severe
Trojan:Win32/Ergop!BV	severe
Trojan:Win32/Farfli.BAT!MTB	severe
Trojan:Win32/Formbook.ARAA!MTB	severe
Trojan:Win32/Qakbot.CREQ!MTB	severe
Trojan:Win32/Qakbot.NS!MTB	severe
Trojan:Win32/RmtAdmin!MTB	severe
Trojan:Win32/Warzone.MA!MTB	severe
Trojan:Win32/Xegumumune.CEMH!MTB	severe
Trojan:Win32/Zurgop.RC!MTB	severe
Trojan:Win64/Badur!MTB	severe
Trojan:Win64/IcedID.ADB!MTB	severe
Trojan:Win64/IcedIDLoader.MA!MTB	severe
Trojan:Win64/NimCrypt!MTB	severe
Trojan:Win64/Shakti.MKV!MTB	severe
TrojanDownloader:MSIL/Ader.ARBC!MTB	severe
TrojanDownloader:MSIL/Heracles.ARBE!MTB	severe
TrojanDownloader:O97M/Obfuse.PAG	severe
TrojanDownloader:O97M/Obfuse.PAG	severe
TrojanDownloader:Win32/Small.CAFO!MTB	severe
TrojanDownloader:Win32/Zdowbot.ARAE!MTB	severe

Updated threat detections

Name	Severity
Adware:Win32/Neoreklami	high
Adware:Win32/PCAcceleratePro	high
Backdoor:MSIL/Orcusrot.A	severe
Backdoor:Win64/CobaltStrike.NP!dha	severe
Behavior:Win64/IsPotentialSideLoad.DL	severe
Behavior:Win64/IsPotentialSideLoad.DN	severe
Behavior:Win64/IsPotentialSideLoad.DO	severe
Behavior:Win64/Rorschach.D	severe
BrowserModifier:Win32/MediaArena	high
Exploit:iPhoneOS/Vortex!MTB	severe
Exploit:Linux/Vortex!MTB	severe
Exploit:O97M/CVE-2017-11882.ALE!MTB	severe
Exploit:O97M/CVE-2017-11882.ALY!MTB	severe
Exploit:O97M/CVE-2017-11882.RVR	severe
Exploit:O97M/CVE-2017-11882.SSMA	severe
FriendlyFiles	low
HackTool:MSIL/Injector	high
HackTool:Python/Impacket!MTB	high
HackTool:Win32/CheatEngine!MSR	high
Program:Win32/Leonem	high
PUA:AndroidOS/LuckyPatcher.A!MTB	severe
PWS:Win32/Sekure	severe
PWS:Win32/Stealer!MSR	severe
Ransom:BAT/Clop	severe
Ransom:Win32/Ako	severe
Ransom:Win32/Bitman	severe
Ransom:Win32/Cerber	severe
Ransom:Win32/Crowti	severe
Ransom:Win32/Crypmod	severe
Ransom:Win32/CVE	severe
Ransom:Win32/Eris	severe
Ransom:Win32/LockBit	severe
Ransom:Win32/Spora.A	severe
Ransom:Win64/Cactus.PB!MTB	severe
Trojan:HTML/Obfuse!MSR	severe
Trojan:HTML/Phish!MSR	severe
Trojan:HTML/Phish.AQ!MTB	severe
Trojan:HTML/Phish.PAGA!MTB	severe
Trojan:JS/Obfuse.ALY!MTB	severe
Trojan:JS/Obfuse.PRWE!MTB	severe
Trojan:JS/Qakbot.ALY!MTB	severe
Trojan:JS/Qakbot.PRT!MTB	severe
Trojan:JS/Qakbot.SMK!MTB	severe
Trojan:JS/Skeeyah.A!rfn	severe
Trojan:Linux/SamDust!MTB	severe
Trojan:MSIL/AgentTesla.RPP!MTB	severe
Trojan:MSIL/AgentTesla.SMK!MTB	severe
Trojan:MSIL/Cryptor	severe
Trojan:MSIL/DarkTortilla.PSNP!MTB	severe
Trojan:MSIL/Discord.BM!rfn	severe
Trojan:MSIL/Heracles!MTB	severe
Trojan:MSIL/Malgent!MSR	severe
Trojan:MSIL/Redline.PSNO!MTB	severe
Trojan:MSIL/SnakeKeylogger.SPAM!MTB	severe
Trojan:MSIL/Stealer!MSR	severe
Trojan:MSIL/Tnega.RPL	severe
Trojan:MSIL/Zapchast!MSR	severe
Trojan:O97M/Donoff!MSR	severe
Trojan:O97M/Obfuse.CJ	severe
Trojan:PDF/Phish	severe
Trojan:PDF/Phish!MSR	severe
Trojan:PDF/Phish.AME	severe
Trojan:PDF/Phish.SM!MTB	severe
Trojan:PDF/Phish.TSC!MTB	severe
Trojan:Script/Phonzy.A!ml	severe
Trojan:Script/Sabsik.FL.B	severe
Trojan:VBS/Tnega.PAE	severe
Trojan:Win32/AgentTesla	severe
Trojan:Win32/AgentTesla.SMK!MTB	severe
Trojan:Win32/Amadey.AY!MTB	severe
Trojan:Win32/Bluteal!rfn	severe
Trojan:Win32/Casdet!rfn	severe
Trojan:Win32/Cobaltstrike!Beac	severe
Trojan:Win32/Drixed.RPZ!MTB	severe
Trojan:Win32/Dropper!MSR	severe
Trojan:Win32/Dynamer	severe
Trojan:Win32/Dynamer!rfn	severe
Trojan:Win32/Ekstak.RC!MTB	severe
Trojan:Win32/Fakeav	severe
Trojan:Win32/Farfli.BAT!MTB	severe
Trojan:Win32/Filecoder!BV	severe
Trojan:Win32/Formbook.ARAA!MTB	severe
Trojan:Win32/FormBook.RPP!MTB	severe
Trojan:Win32/Formbook.RPR	severe
Trojan:Win32/FormBook.SMK!MTB	severe
Trojan:Win32/GuLoader.AAV	severe
Trojan:Win32/Guloader.SMK!MTB	severe
Trojan:Win32/Leonem	severe
Trojan:Win32/Malgent!MSR	severe
Trojan:Win32/Mamson.A!ac	severe
Trojan:Win32/Necurs!rfn	severe
Trojan:Win32/Nekark!MTB	severe
Trojan:Win32/Occamy.C	severe
Trojan:Win32/Qakbot.NS!MTB	severe
Trojan:Win32/RmtAdmin!MTB	severe
Trojan:Win32/Sabsik.FL.B!ml	severe
Trojan:Win32/Seheq!rfn	severe
Trojan:Win32/Senta	severe
Trojan:Win32/Skeeyah.A!bit	severe
Trojan:Win32/Skeeyah.A!rfn	severe
Trojan:Win32/Skeeyah.B!rfn	severe
Trojan:Win32/Tiggre	severe
Trojan:Win32/Tiggre!rfn	severe
Trojan:Win32/Tnega!ml	severe
Trojan:Win32/Tnega.SMK!MTB	severe
Trojan:Win32/Trickbot.GN	severe
Trojan:Win32/WinLNK.ALY!MTB	severe
Trojan:Win32/Ymacco.ABF9	severe
Trojan:Win64/BypassUAC!MTB	severe
Trojan:Win64/CobaltStrike!MTB	severe
Trojan:Win64/CobaltStrike.BL!MTB	severe
Trojan:Win64/Emipdiy.A	severe
Trojan:Win64/Emotet.AL!MTB	severe
Trojan:Win64/GoldMax.A!dha	severe
Trojan:Win64/IcedID.ADB!MTB	severe
Trojan:Win64/Malgent!MSR	severe
Trojan:Win64/Zusy!MTB	severe
TrojanDownloader:MSIL/Ader.ARBC!MTB	severe
TrojanDownloader:MSIL/Heracles.ARBE!MTB	severe
TrojanDownloader:O97M/Obfuse.HPV	severe
TrojanDownloader:Win32/Tnega!MSR	severe
TrojanDownloader:Win32/Wunkay.A	severe
TrojanDownloader:Win32/Zdowbot.ARAE!MTB	severe
TrojanSpy:AndroidOS/SpyNote!MTB	severe
TrojanSpy:MSIL/Keylogger	severe
VirTool:MSIL/CryptInject	severe
VirTool:Win32/Injector.gen	severe
Worm:Win32/Gamarue.gen	severe