Aliases: No associated aliases
Windows Defender detects and removes this threat.
This malware family is well known for being tricky to detect and remove because of its file-less design after infection. Threats in this family infect your PC so that the malware's operators can perform click fraud and install additional malware on your machine.
They can steal your personal information, download more malware, or give a malicious hacker access to your PC.
You can read more about this threat on the Microsoft Malware Protection Center (MMPC) blog:
- Improved scripts in .lnk files now deliver Kovter in addition to Locky
- Kovter becomes almost file-less, creates a new file type, and gets some new certificates
- Large Kovter digitally-signed malvertising campaign and MSRT cleanup release