We're gradually updating threat actor names in our reports to align with the new weather-themed taxonomy. Learn about Microsoft threat actor names
TrojanDownloader:Win32/AY
Detected by Microsoft Defender Antivirus
Aliases: No associated aliases
Summary
TrojanDownloader:Win32/AY attempts to download a file from a remote Web site and run that file on the impacted system. This file may be named 'parad.raw.exe' and copies of the file may be created as follows:
C:\<random name>.exe
<system folder>\parad.raw.exe
<system folder>\taskdir.dll
<system folder>\taskdir~.exe
<system folder>\parad.raw.exe
<system folder>\parad.raw.exe
<system folder>\taskdir.dll
<system folder>\taskdir~.exe
<system folder>\parad.raw.exe
Follow us
