Change logs for security intelligence update version 1.431.788.0

This page lists newly added and updated threat detections included in security intelligence updates for Microsoft Defender Antivirus and other Microsoft antimalware. If you don’t find the latest security intelligence update version in the selector below, please refresh this page or let us know us know through the feedback smiley.

Looking for the latest update? Download the latest update

Security intelligence update version

Released on

7/21/2025 10:34:29 AM

Added threat detections

Name	Severity
Trojan:HTML/Redirector.ABBS!MTB	severe
Trojan:HTML/Redirector.LVA!MTB	severe
Trojan:MSIL/ClipBanker.ACAB!MTB	severe
Trojan:MSIL/DarkTortilla.MSZ!MTB	severe
Trojan:PowerShell/NetSupportRat.AB!MTB	severe
Trojan:Script/MSIClickFix!rfn	severe
Trojan:VBS/xworm.ZXR!MTB	severe
Trojan:Win32/ModiLoader.AB!MTB	severe
Trojan:Win64/LummaStealer.PGLT!MTB	severe
TrojanDownloader:Win32/OzoneRAT!rfn	severe
TrojanDropper:JS/XWorm.LUZ!MTB	severe

Updated threat detections

Name	Severity
Adware:Win32/Dealply	high
Adware:Win32/Tnega!MSR	high
Backdoor:Linux/Gafgyt!rfn	severe
Backdoor:Linux/Mirai.AP!xp	severe
Backdoor:MacOS/ORat!MTB	severe
Backdoor:MacOS/ORat.A!MTB	severe
Backdoor:MSIL/Bladabindi.B	severe
Backdoor:MSIL/DCRat!rfn	severe
Backdoor:MSIL/XWormRAT!rfn	severe
Backdoor:PHP/Webshell	severe
Backdoor:Win32/Berbew	severe
Backdoor:Win32/Berbew!rfn	severe
Backdoor:Win32/DCRAT!rfn	severe
Backdoor:Win32/Padodor!rfn	severe
Backdoor:Win32/Sacto!rfn	severe
BrowserModifier:MSIL/MediaArena	high
BrowserModifier:Win32/Xeelyak	high
DDoS:Win32/Multiverze!rfn	severe
Exploit:O97M/CVE-2017-11882.XGBK!MTB	severe
Exploit:Perl/VMFill.A!xp	severe
Exploit:Win32/CVE-2022	severe
HackTool:AndroidOS/Multiverze!rfn	high
HackTool:JS/Jsprat!rfn	high
HackTool:Linux/PthToolkitGen.ZZ	high
HackTool:MSIL/AutoKms	high
HackTool:MSIL/SharPersistMSR	high
HackTool:Python/Impacket!AMTB	high
HackTool:Python/Impacket!rfn	high
HackTool:Python/Impacket.AF	high
HackTool:Python/Impacket.AM	high
HackTool:Win32/AutoKMS	high
HackTool:Win32/AutoKMS!MSR	high
HackTool:Win32/crack	high
HackTool:Win32/Crack!MTB	high
HackTool:Win32/Crack!rfn	high
HackTool:Win32/Injector!MTB	high
HackTool:Win32/Keygen	high
HackTool:Win32/KeyGen!AMTB	high
HackTool:Win32/Keygen!MTB	high
HackTool:Win32/Mailpassview	high
HackTool:Win32/Malgent!MSR	high
HackTool:Win32/Multiverze!rfn	high
HackTool:Win32/Patcher!AMTB	high
HackTool:Win32/PDump.A	high
HackTool:Win32/Planetize	high
HackTool:Win64/RDPWrap!MTB	high
Joke:AndroidOS/Multiverze!rfn	moderate
Misleading:Win32/Spreeckinso	high
Program:AndroidOS/Multiverze!rfn	high
Program:Java/Multiverze!rfn	high
Program:Linux/Multiverze!rfn	high
Program:Win32/Multiverze!rfn	high
PWS:MSIL/Browsstl!rfn	severe
PWS:Win32/Simda!rfn	severe
PWS:Win32/Zbot!rfn	severe
Ransom:Linux/HelloKitty.T!MTB	severe
Ransom:MSIL/BigHead!MTB	severe
Ransom:MSIL/Syrk.AD	severe
Ransom:Win32/AvosLocker.MBK!MTB	severe
Ransom:Win32/BlackCat.MK!MTB	severe
Ransom:Win32/BlackSuit	severe
Ransom:Win32/Filecoder!rfn	severe
Ransom:Win32/Qilin	severe
Ransom:Win32/StopCrypt.MYK!MTB	severe
Ransom:Win32/WastMario!rfn	severe
Ransom:Win64/BlackByte!MTB	severe
Ransom:Win64/Gojdu.A	severe
Ransom:Win64/PANDORA.REL!MTB	severe
Rogue:AndroidOS/Multiverze!rfn	severe
Rogue:Win32/FakeSpypro!rfn	severe
Spyware:AndroidOS/Multiverze!rfn	high
SupportScam:Win32/Screcwon!AMTB	severe
Trojan:AndroidOS/AVerseFalc!rfn	severe
Trojan:AndroidOS/Multiverze!rfn	severe
Trojan:AndroidOS/Spynote.L!MTB	severe
Trojan:HTML/FakeCaptcha!rfn	severe
Trojan:HTML/FakeLogin.ACG!MTB	severe
Trojan:HTML/Phish!rfn	severe
Trojan:HTML/SpamLeonem!rfn	severe
Trojan:Java/Multiverze!rfn	severe
Trojan:JS/Cryxos!rfn	severe
Trojan:JS/Pterodo!rfn	severe
Trojan:JS/XWorm.RVB!MTB	severe
Trojan:Linux/CoinMiner!rfn	severe
Trojan:Linux/Multiverze!rfn	severe
Trojan:Linux/Prometei!rfn	severe
Trojan:Linux/SAgnt!MTB	severe
Trojan:MacOS/Amos.EF!MTB	severe
Trojan:MacOS/Multiverze!rfn	severe
Trojan:MSIL/AgentTesla!MTB	severe
Trojan:MSIL/AgentTesla!rfn	severe
Trojan:MSIL/AgentTesla.RAG!MTB	severe
Trojan:MSIL/AsyncRAT!rfn	severe
Trojan:MSIL/Clipbanker!MTB	severe
Trojan:MSIL/CoinStealer!rfn	severe
Trojan:MSIL/DCRat!rfn	severe
Trojan:MSIL/FormBook!MSR	severe
Trojan:MSIL/FormBook!rfn	severe
Trojan:MSIL/Heracles!MTB	severe
Trojan:MSIL/Keylogger!rfn	severe
Trojan:MSIL/Malgent!MSR	severe
Trojan:MSIL/Mamson!rfn	severe
Trojan:MSIL/PureCrypter!rfn	severe
Trojan:MSIL/PureLogStealer!rfn	severe
Trojan:MSIL/Spynoon!rfn	severe
Trojan:MSIL/Taskun!rfn	severe
Trojan:MSIL/Tnega!MSR	severe
Trojan:MSIL/XWormRAT!rfn	severe
Trojan:MSIL/Zusy!rfn	severe
Trojan:PowerShell/GuLoader.RVC!MTB	severe
Trojan:PowerShell/NetSupportRat.AB!MTB	severe
Trojan:PowerShell/Obfuse	severe
Trojan:PowerShell/Rhadamanthys.SHA!MTB	severe
Trojan:Python/Multiverze!rfn	severe
Trojan:Script/AHCoinMiner!rfn	severe
Trojan:Script/CoinMiner!rfn	severe
Trojan:Script/Malgent!MSR	severe
Trojan:Script/MSIClickFix!rfn	severe
Trojan:Script/Multiverze!rfn	severe
Trojan:VBS/AsyncRAT!rfn	severe
Trojan:VBS/GuLoader.RVC!MTB	severe
Trojan:VBS/Masslogger.SS!MTB	severe
Trojan:VBS/Obfuse!rfn	severe
Trojan:VBS/Obfuse.ZEQ!MTB	severe
Trojan:Win32/AgentTesla.GPD!MTB	severe
Trojan:Win32/Alevaul!rfn	severe
Trojan:Win32/Almanahe!rfn	severe
Trojan:Win32/Amadey!rfn	severe
Trojan:Win32/Amadey.PAD!MTB	severe
Trojan:Win32/AmdeyRunner!rfn	severe
Trojan:Win32/AutoInject.CCJC!MTB	severe
Trojan:Win32/AutoitInject!rfn	severe
Trojan:Win32/AutoitInject.ATZA!MTB	severe
Trojan:Win32/Autoitinject.PPEH!MTB	severe
Trojan:Win32/Banker!MSR	severe
Trojan:Win32/Bitrep!MTB	severe
Trojan:Win32/BlackMoon!MTB	severe
Trojan:Win32/Cerber!rfn	severe
Trojan:Win32/CobaltStrike!rfn	severe
Trojan:Win32/Convagent.SPQT!MTB	severe
Trojan:Win32/Darkeye!rfn	severe
Trojan:Win32/DarkTortilla!rfn	severe
Trojan:Win32/DllInject!rfn	severe
Trojan:Win32/Dynamer!ac	severe
Trojan:Win32/Dynamer!rfn	severe
Trojan:Win32/Egairtigado!rfn	severe
Trojan:Win32/Etset!rfn	severe
Trojan:Win32/Expiro!MTB	severe
Trojan:Win32/EyeStye!rfn	severe
Trojan:Win32/Fareit!rfn	severe
Trojan:Win32/Flystudio!MTB	severe
Trojan:Win32/FormBook!rfn	severe
Trojan:Win32/FormBook.RVD!MTB	severe
Trojan:Win32/Fragtor!MTB	severe
Trojan:Win32/GCleaner!rfn	severe
Trojan:Win32/Genasep!rfn	severe
Trojan:Win32/Grandoreiro!rfn	severe
Trojan:Win32/GuLoader!rfn	severe
Trojan:Win32/GuLoader.GNR!MTB	severe
Trojan:Win32/GuLoader.GOS!MTB	severe
Trojan:Win32/GuLoader.KAPR!MTB	severe
Trojan:Win32/GuLoader.KCXL!MTB	severe
Trojan:Win32/GuLoader.LSL!MTB	severe
Trojan:Win32/GuLoader.NSD!MTB	severe
Trojan:Win32/GuLoader.RKE!MTB	severe
Trojan:Win32/Guloader.RKF!MTB	severe
Trojan:Win32/GuLoader.RSX!MTB	severe
Trojan:Win32/GuLoader.SRG!MTB	severe
Trojan:Win32/Heracles!MTB	severe
Trojan:Win32/ICLoader!rfn	severe
Trojan:Win32/IRCBot!rfn	severe
Trojan:Win32/Jaik!MTB	severe
Trojan:Win32/Kepavll!rfn	severe
Trojan:Win32/Korplug!MSR	severe
Trojan:Win32/Kovter.I	severe
Trojan:Win32/Kryptik!rfn	severe
Trojan:Win32/Lazy!rfn	severe
Trojan:Win32/Leonem	severe
Trojan:Win32/Leonem!rfn	severe
Trojan:Win32/LummaStealer!MTB	severe
Trojan:Win32/LummaStealer!rfn	severe
Trojan:Win32/Malgent	severe
Trojan:Win32/Malgent!MSR	severe
Trojan:Win32/Malgent!MTB	severe
Trojan:Win32/MalLoader!rfn	severe
Trojan:Win32/MereTam!rfn	severe
Trojan:Win32/Meterpreter!rfn	severe
Trojan:Win32/ModiLoader!rfn	severe
Trojan:Win32/ModiLoader.NB!MTB	severe
Trojan:Win32/Multiverze!rfn	severe
Trojan:Win32/OffLoader!MTB	severe
Trojan:Win32/OffLoader!rfn	severe
Trojan:Win32/Orsam!rts	high
Trojan:Win32/PhishLeonem!rfn	severe
Trojan:Win32/Phorpiex!rfn	severe
Trojan:Win32/PlugX!rfn	severe
Trojan:Win32/Pomal!rfn	severe
Trojan:Win32/PrivateLoader!MTB	severe
Trojan:Win32/ProcessHijack!rfn	severe
Trojan:Win32/Qakbot!rfn	severe
Trojan:Win32/QQPass!rfn	severe
Trojan:Win32/Razy!rfn	severe
Trojan:Win32/RisePro!rfn	severe
Trojan:Win32/Rozena!MTB	severe
Trojan:Win32/Runner!rfn	severe
Trojan:Win32/SalatStealer!rfn	severe
Trojan:Win32/Salgorea!rfn	severe
Trojan:Win32/Satbrop.A	severe
Trojan:Win32/Sdum!rfn	severe
Trojan:Win32/Seheq!rfn	severe
Trojan:Win32/Skeeyah	severe
Trojan:Win32/Skeeyah!rfn	severe
Trojan:Win32/Skeeyah.A!bit	severe
Trojan:Win32/Skeeyah.A!MTB	severe
Trojan:Win32/Stealerc!rfn	severe
Trojan:Win32/Suloc!rfn	severe
Trojan:Win32/Suschil!rfn	severe
Trojan:Win32/Tedy!MTB	severe
Trojan:Win32/Tepfer!rfn	severe
Trojan:Win32/Tiggre!rfn	severe
Trojan:Win32/Tnega!ml	severe
Trojan:Win32/Tnega!MSR	severe
Trojan:Win32/Tnega.VAM!MTB	severe
Trojan:Win32/Tonmye!rfn	severe
Trojan:Win32/UnusualASEP!rfn	severe
Trojan:Win32/Vagger!rfn	severe
Trojan:Win32/Vilsel!rfn	severe
Trojan:Win32/Wacatac	severe
Trojan:Win32/WinLNK.KAY!MTB	severe
Trojan:Win32/WinLNK.LUY!MTB	severe
Trojan:Win32/Ymacco.AAE7	severe
Trojan:Win32/Yomal!rfn	severe
Trojan:Win32/Zbot!rfn	severe
Trojan:Win32/Zenapak!rfn	severe
Trojan:Win32/Zenpak!rfn	severe
Trojan:Win32/Znyonm!rfn	severe
Trojan:Win32/Zombie!rfn	severe
Trojan:Win32/Zusy!MTB	severe
Trojan:Win32/Zusy!rfn	severe
Trojan:Win64/Barys!MTB	severe
Trojan:Win64/CobaltStrike!rfn	severe
Trojan:Win64/CobaltStrike.APC!MTB	severe
Trojan:Win64/Coinminer.RB!MTB	severe
Trojan:Win64/Disco!MTB	severe
Trojan:Win64/Disdroth.EM!MTB	severe
Trojan:Win64/DisguisedXMRigMiner	severe
Trojan:Win64/DLLHijack!MTB	severe
Trojan:Win64/Donut!rfn	severe
Trojan:Win64/DonutLoader.PCO!MTB	severe
Trojan:Win64/FormBook!rfn	severe
Trojan:Win64/Grandoreiro!rfn	severe
Trojan:Win64/Lazy!MTB	severe
Trojan:Win64/LummaStealer!MTB	severe
Trojan:Win64/LummaStealer!rfn	severe
Trojan:Win64/LummaStealer.FRM!MTB	severe
Trojan:Win64/LummaStealer.HMD!MTB	severe
Trojan:Win64/Malgent!MSR	severe
Trojan:Win64/Nuitka!MTB	severe
Trojan:Win64/PortStart!rfn	severe
Trojan:Win64/Redline!rfn	severe
Trojan:Win64/ShellcodeInject.GLN!MTB	severe
Trojan:Win64/ShellcodeInject.INC!MTB	severe
Trojan:Win64/ShellcodeRunner.ASDF!MTB	severe
Trojan:Win64/SilentCryptoMiner!rfn	severe
Trojan:Win64/SpyLoader!rfn	severe
Trojan:Win64/Tedy!MTB	severe
Trojan:Win64/WinGoObf!MTB	severe
Trojan:Win64/XLoader!MTB	severe
Trojan:Win64/Zusy!MTB	severe
TrojanClicker:Win32/Doplik.R	severe
TrojanDownloader:JS/FakejQuery!rfn	severe
TrojanDownloader:JS/FormBook.RBA!MTB	severe
TrojanDownloader:JS/Qakbot!rfn	severe
TrojanDownloader:MSIL/AgentTesla!rfn	severe
TrojanDownloader:O97M/Emotet.CSK!MTB	severe
TrojanDownloader:O97M/Obfuse.DR	severe
TrojanDownloader:Win32/Berbew	severe
TrojanDownloader:Win32/Berbew!rfn	severe
TrojanDownloader:Win32/Eqtonapt!rfn	severe
TrojanDownloader:Win32/Nemucod!rfn	severe
TrojanDownloader:Win64/Rugmi!rfn	severe
TrojanDropper:AndroidOS/Multiverze!rfn	severe
TrojanDropper:O97M/Obfuse.SLB!MTB	severe
TrojanDropper:Win32/VB!rfn	severe
TrojanSpy:Win32/Bancos.AHU	severe
TrojanSpy:Win32/Derusbi.A!dha	severe
VirTool:MSIL/CryptInject.YF!rfn	severe
VirTool:MSIL/StandIn.A!MTB	severe
VirTool:Win32/Kekeo.A!MTB	severe
VirTool:Win32/VMProtect	severe
Worm:Win32/Autorun!rfn	severe
Worm:Win32/Fesber!rfn	severe
Worm:Win32/Mofksys!rfn	severe
Worm:Win32/Multiverze!rfn	severe