We're gradually updating threat actor names in our reports to align with the new weather-themed taxonomy. Learn about Microsoft threat actor names
PWS:Win32/Sinowal.E
Detected by Microsoft Defender Antivirus
Aliases: PWS-JA (McAfee) TSPY_SINOWAL.BQ (Trend Micro)
Summary
PWS:Win32/Sinowal.E is the dropper component of a Trojan that steals user data and opens a backdoor on the infected computer. PWS:Win32/Sinowal.E drops files that Microsoft detects as PWS:Win32/Sinowal.K, PWS:Win32/Sinowal.M.dll, PWS:Win32/Sinowal.H.dll, and PWS:Win32/Sinowal!AD29.
Attempting to remove PWS:Win32/Sinowal.E manually is not recommended. To detect and remove PWS:Win32/Sinowal.E and other Win32/Sinowal variants, run a full-system scan with an up-to-date antivirus product such as the Microsoft Malicious Software Removal Tool (http://www.microsoft.com/security/malwareremove/default.mspx) or the Microsoft Safety Scanner (http://go.microsoft.com/fwlink/?LinkId=212742). For more information, visit http://www.microsoft.com/athome/security/downloads/default.mspx
Follow us
