We're gradually updating threat actor names in our reports to align with the new weather-themed taxonomy. Learn about Microsoft threat actor names
TrojanDownloader:Win32/VB.AAF
Detected by Microsoft Defender Antivirus
Aliases: Trojan-Downloader.Win32.VB.awj (Kaspersky) Generic Downloader.s (McAfee) Troj/VB-DXI (Sophos) Trojan-Downloader.VB.VGB (Sunbelt Software) Downloader (Symantec) TROJ_VB.CQU (Trend Micro)
Summary
TrojanDownloader:Win32/VB.AAF is a Trojan that uses IP address geolocation (IPGEO) in order to target region-specific files to download from a remote Web site. In the wild, Microsoft has observed that the downloaded files are typically variants of Virus:Win32/Virut and Adware:Win32/Virtumondo families.
TrojanDownloader:Win32/VB.AAF may download and install additional malicious software, thus manual removal is not recommended. To detect and remove this Trojan and other malicious software that may have been installed, run a full-system scan with an up-to-date antivirus product such as the Microsoft Safety Scanner (http://go.microsoft.com/fwlink/?LinkId=212742). For more information, visit http://www.microsoft.com/athome/security/downloads/default.mspx
Follow us
