We're gradually updating threat actor names in our reports to align with the new weather-themed taxonomy. Learn about Microsoft threat actor names
TrojanSpy:Win32/Delf.CL
Aliases: Trojan.Win32.VBKrypt.bgkx (Kaspersky) W32/PWStealer.B (Norman) Trojan.VBKrypt!kM9GugS8lDY (VirusBuster) PSW.SpyEye.AO (AVG) TR/Crypt.ULPM.Gen (Avira) Trojan.Win32.Pincav (Ikarus) Trojan.Sasfis (Symantec) TROJ_VBKRYPT.CG (Trend Micro)
Summary
TrojanSpy:Win32/Delf.CL is a malware binary written in Delphi and packed with a custom packer to make analysis harder. It gathers email accounts with their associated credentials from the affected computer and then sends them out to a remote attacker.
To detect and remove this threat and other malicious software that may be installed on your computer, run a full-system scan with an appropriate, up-to-date, security solution. The following Microsoft products detect and remove this threat:
For more information on antivirus software, see http://www.microsoft.com/windows/antivirus-partners/.