Warning message... Link to action
Read our in-depth analysis of a new high-volume campaign that marked the resurgence of notorious malware-as-a-service Hawkeye Keylogger. Read the blog post
Aliases: Trojan.Tenegour.9 (Dr.Web) Downloader-CRD (McAfee) Troj/Bredo-TZ (Sophos)
Windows Defender Antivirus detects and removes this threat.
TrojanDownloader:Win32/Dofoil.O is a trojan that attempts to download arbitrary files from specified remote servers. This trojan may be encountered as a file attached to a spammed email message.
On March 6, 2018, behavior monitoring and machine learning technologies in Windows Defender Antivirus stopped a Dofoil variant (also known as Smoke Loader) that tried to infect more than 400,000 computers. The massive campaign aimed to install a cryptocurrency miner that uses victim computers' resources for coin mining purposes. Learn how artificial intelligence stopped the attack within minutes: