14 entries found.
Win32/Bamital
Win32/Bamital is a family of malware that intercepts web browser traffic and prevents access to certain security-related websites by modifying the Hosts file. Bamital variants may also modify certain legitimate Windows files in order to execute their payload.
In the wild, the Bamital family has been used to perpetrate click-fraud.
Alert level:
severe
Trojan:Win32/Bamital.F
Trojan:Win32/Bamital.F is a component of the Win32/Bamital family. It is used by variants of TrojanDropper:Win32/Bamital to execute code previously saved in specific registry keys. The code is intended to monitor and modify Web search queries and display advertisements. It affects users of Internet Explorer, Opera, and Firefox browsers.
Alert level:
severe
Trojan:Win32/Bamital.E
Trojan:Win32/Bamital.E is a component of the Win32/Bamital family. It is dropped by variants of TrojanDropper:Win32/Bamital to execute code previously saved in specific registry keys. The code is intended to monitor and modify Web search queries and display advertisements. It affects users of Internet Explorer, Opera, and Firefox browsers.
Alert level:
severe
TrojanDropper:Win32/Bamital.A
TrojanDropper:Win32/Bamital.A is a component of Win32/Bamital - a family of trojans intended to monitor and modify Web search queries and display advertisements. It affects users of Internet Explorer, Opera, and Firefox browsers.
Alert level:
severe
TrojanDropper:Win32/Bamital.G
TrojanDropper:Win32/Bamital.G is a detection for trojans that monitor and modify Web search queries and display advertisements, as well as modifying system DLLs such as "user32.dll".
Alert level:
severe
Trojan:Win32/Bamital
Trojan:Win32/Bamital is a detection for a trojan that intercepts web browser traffic and redirects web search queries.
Alert level:
severe
Trojan:Win32/Bamital.G
Trojan:Win32/Bamital.G is a trojan component that executes a payload component installed by TrojanDropper:Win32/Bamital.G.
Alert level:
severe
Virus:Win32/Bamital.G
Virus:Win32/Bamital.G is the detection for the files "explorer.exe" and "winlogon.exe" when they are infected. The infection is caused by TrojanDropper:Win32/Bamital.C.
Alert level:
severe
Virus:Win32/Bamital.H
Virus:Win32/Bamital.H is the detection for the files "explorer.exe" and "winlogon.exe" when they are infected. The infection is caused by TrojanDropper:Win32/Bamital.C.
Alert level:
severe
Trojan:Win32/Oficla.AC
Trojan:Win32/Oficla.AC is a trojan that attempts to contact a remote server to download and execute arbitrary files. In the wild, it has been observed downloading TrojanDropper:Win32/Bamital.C, which in turn infects the compromised system with Virus:Win32/Bamital.C.
Alert level:
severe
Trojan:Win32/Bamital.I
Trojan:Win32/Bamital.I is a trojan that may redirect user search requests to other sites. It also disables System Restore.
Alert level:
severe
Trojan:Win32/Bamital.J
Trojan:Win32/Bamital.J is a component of the Win32/Bamital trojan family. The trojan runs other components that are used to intercept web browser traffic and redirect web search queries.
Alert level:
severe
Trojan:Win32/Bamital.N
Trojan:Win32/Bamital.N is the detection for malware that intercepts web browser traffic and redirects search engine results. It also redirects access to certain websites to the local host.
Alert level:
severe
TrojanDropper:Win32/Bamital
Alert level:
severe