Microsoft Security Intelligence

Change logs for security intelligence update version 1.413.120.0

This page lists newly added and updated threat detections included in security intelligence updates for Microsoft Defender Antivirus and other Microsoft antimalware. If you don’t find the latest security intelligence update version in the selector below, please refresh this page or let us know through the feedback smiley.

Released on: 6/5/2024 3:05:49 PM

Added threat detections

Name Severity
Behavior:Linux/FileWriteInCurrentMasqueradeDir.F1 severe
Behavior:Linux/ProcessExecFromCurrentMasqueradeDir.F2 severe
Behavior:Linux/SuspCurlWgetInvocationInMnt.A severe
Exploit:O97M/CVE-2017-0199.NID!MTB severe
Ransom:Linux/Encrypter.K severe
Ransom:MSIL/Loki.AMMF!MTB severe
Ransom:MSIL/WannaScream!MTB severe
Trojan:BAT/Starter.AMC!MTB severe
Trojan:JS/Remcos.RVC!MTB severe
Trojan:Linux/Sliver.C!MTB severe
Trojan:MacOS/Amos.M!MTB severe
Trojan:MSIL/AgentTesla.AMMF!MTB severe
Trojan:MSIL/Androm.AMMF!MTB severe
Trojan:Python/Rozena!MTB severe
Trojan:Win32/BlackMoon.GXU!MTB severe
Trojan:Win32/Fragtor.ASGH!MTB severe
Trojan:Win32/GuLoader.RVBH!MTB severe
Trojan:Win32/Neoreblamy.RA!MTB severe
Trojan:Win32/Neoreblamy.RB!MTB severe
Trojan:Win32/SmokeLoader.PAEH!MTB severe
Trojan:Win32/Stealc.ASGH!MTB severe
Trojan:Win32/Tisifi.RE severe
TrojanDownloader:JS/Remcos.CZ!MTB severe
TrojanDownloader:Win64/Fragtor.A!MTB severe

Updated threat detections

Name Severity
Backdoor:Java/Dirtelti.A severe
Backdoor:JS/Makdichi.A!MTB severe
Backdoor:Linux/DemonBot.Aa!MTB severe
Backdoor:Linux/Gafgyt.AW!xp severe
Backdoor:Linux/Gafgyt.I!xp severe
Backdoor:Linux/Mirai.A!MTB severe
Backdoor:MSIL/Bladabindi.AMBB!MTB severe
Backdoor:MSIL/DCRat!MTB severe
Backdoor:MSIL/Quasar.GG!MTB severe
Backdoor:MSIL/XWormRAT.J!MTB severe
Backdoor:PHP/Chopper.B!dha severe
Backdoor:PHP/Chopper.B!rfn severe
Backdoor:PHP/Masqshell.E!dha severe
Backdoor:Win32/Remcos.GA!MTB severe
Backdoor:Win32/Simda.gen!B severe
Backdoor:Win32/Tofsee.MAK!MTB severe
Behavior:Linux/AkiraRansom.A severe
Behavior:Linux/BlackSuitRansom.A severe
Behavior:Linux/BlackSuitRansom.B severe
Behavior:Linux/echoraix.A severe
Behavior:Linux/RawSocketOpen.A severe
Behavior:Linux/RoyalRansom.A severe
Behavior:Linux/StagedArchiveExfil.A severe
Behavior:Linux/StagedArchiveExfilCurl.A severe
Behavior:Linux/StagedArchiveExfilWget.A severe
Behavior:Linux/SuspHTTPoverNonStandardPort.A severe
Behavior:Linux/SuspOutgoingTCPNonCommonPort.A severe
Behavior:Linux/SuspRcloneSpawn.B severe
Behavior:Linux/SuspUPXChangePerm.A severe
Behavior:MacOS/SuspFileExec.B severe
Behavior:Win32/SimReport.A severe
BrowserModifier:MSIL/MediaArena high
Exploit:O97M/CVE-2017-0199.RVGU!MTB severe
Exploit:O97M/CVE-2017-11882.RVCJ severe
Exploit:O97M/CVE-2017-11882.RVCK severe
HackTool:PowerShell/AMSIBypass.A high
HackTool:PowerShell/PowerView.A high
HackTool:Python/Agent high
HackTool:Python/Impacket.AI high
HackTool:Python/Impacket.AQ high
HackTool:Win32/AndroidUnlocker high
HackTool:Win32/AutoKMS high
HackTool:Win32/BruteForce high
HackTool:Win32/crack high
HackTool:Win32/Crack!MTB high
HackTool:Win32/Cymulion high
HackTool:Win32/DefenderControl!MSR high
HackTool:Win32/DongleHack high
HackTool:Win32/Keygen high
HackTool:Win32/Malgent!MSR high
HackTool:Win32/Meterpreter.A!dll high
HackTool:Win32/Patcher high
HackTool:Win64/Cymulion!pz high
Program:AndroidOS/Multiverze high
Program:Linux/Multiverze high
Program:Win32/Multiverze high
PWS:Win32/Sukwidon.A severe
Ransom:Linux/HelloKittyCat.A1 severe
Ransom:Linux/HelloKittyCat.A3 severe
Ransom:Linux/Soleenya.A3 severe
Ransom:Linux/TellYouThePass.A7 severe
Ransom:Win32/Genasom severe
Ransom:Win32/Medusa.PA!MTB severe
Ransom:Win32/StopCrypt.PBM!MTB severe
Ransom:Win64/Hive severe
SoftwareBundler:Win32/Stallmonitz high
Spyware:Win32/Omaneat!pz high
Tool:AndroidOS/Multiverze moderate
Tool:Linux/Multiverze moderate
Trojan:AndroidOS/Downloader!MTB severe
Trojan:AndroidOS/Hiddad!MTB severe
Trojan:AndroidOS/Multiverze severe
Trojan:AndroidOS/RewardSteal!MTB severe
Trojan:AndroidOS/SAgnt!MTB severe
Trojan:AndroidOS/SmsSpy.M severe
Trojan:AndroidOS/SpyAgent.M severe
Trojan:AndroidOS/Triada!MTB severe
Trojan:BAT/Runner.B severe
Trojan:HTML/Phish!MSR severe
Trojan:HTML/Phish.RVDC!MTB severe
Trojan:HTML/Redirector.PAAQ severe
Trojan:JS/Malgent!MSR severe
Trojan:JS/Obfuse!MSR severe
Trojan:Linux/CoinMiner severe
Trojan:MSIL/AgentTesla!MTB severe
Trojan:MSIL/AgentTesla.KAPH severe
Trojan:MSIL/AgentTesla.KJHH severe
Trojan:MSIL/AgentTesla.KKAA!MTB severe
Trojan:MSIL/AgentTesla.LQL!MTB severe
Trojan:MSIL/AgentTesla.MVF!MTB severe
Trojan:MSIL/AgentTesla.RDAN!MTB severe
Trojan:MSIL/AgentTesla.RKA!MTB severe
Trojan:MSIL/Amadey.RDQ!MTB severe
Trojan:MSIL/AsyncRAT.NA!MTB severe
Trojan:MSIL/AveMaria.AB!MTB severe
Trojan:MSIL/Cryptor severe
Trojan:MSIL/CymRan!pz severe
Trojan:MSIL/CymRan.ACA!MTB severe
Trojan:MSIL/DarkTortilla.OGAA!MTB severe
Trojan:MSIL/DCRat.LA!MTB severe
Trojan:MSIL/DCRat.MA!MTB severe
Trojan:MSIL/Dcstl.EAAA!MTB severe
Trojan:MSIL/Dcstl.OUAA!MTB severe
Trojan:MSIL/Formbook.AMBF!MTB severe
Trojan:MSIL/FormBook.RPY!MTB severe
Trojan:MSIL/Heracles.AHR!MTB severe
Trojan:MSIL/Heracles.NH!MTB severe
Trojan:MSIL/Injector severe
Trojan:MSIL/Injuke.OQAA!MTB severe
Trojan:MSIL/Lazy.AL!MTB severe
Trojan:MSIL/LokiBot.RPX!MTB severe
Trojan:MSIL/Racoon.BR!MTB severe
Trojan:MSIL/Redline.VQ!MTB severe
Trojan:MSIL/Remcos.KAAJ!MTB severe
Trojan:MSIL/RemLoader!MTB severe
Trojan:MSIL/RevengeRat.RVT!MTB severe
Trojan:MSIL/Seraph.RG!MTB severe
Trojan:MSIL/SnakeKeyLogger.RDAY!MTB severe
Trojan:MSIL/SnakeKeylogger.SPVF!MTB severe
Trojan:MSIL/SnakeKeylogger.SPXXP!MTB severe
Trojan:MSIL/Tedy!MTB severe
Trojan:MSIL/Zusy.PTHT!MTB severe
Trojan:O97M/Donoff severe
Trojan:PDF/Phish!MSR severe
Trojan:PDF/Phish.HNAD!MTB severe
Trojan:PDF/Phish.NHR!MTB severe
Trojan:PowerShell/Malgent!MSR severe
Trojan:PowerShell/Obfuse!MSR severe
Trojan:Script/Phonzy.A!ml severe
Trojan:VBS/AgentTesla severe
Trojan:VBS/DropBin.CS!eml severe
Trojan:VBS/GuLoader.NHP!MTB severe
Trojan:VBS/GuLoader.RTCS!MTB severe
Trojan:VBS/GuLoader.TTF!MTB severe
Trojan:VBS/Malgent!MSR severe
Trojan:VBS/Nemucod.SS!MTB severe
Trojan:Win32/AgentTesla!MSR severe
Trojan:Win32/AgentTesla.KSAH severe
Trojan:Win32/AgentTesla.PRFX!MTB severe
Trojan:Win32/Amadey.AMD!MTB severe
Trojan:Win32/Amadey.KGZ!MTB severe
Trojan:Win32/Amadey.NA!MTB severe
Trojan:Win32/Astaroth.psyM!MTB severe
Trojan:Win32/AutoitInject.OWAA!MTB severe
Trojan:Win32/Azorult.RM!MTB severe
Trojan:Win32/Banload severe
Trojan:Win32/Blackmoon.LBAA!MTB severe
Trojan:Win32/BlackMoon.Z!MTB severe
Trojan:Win32/Blihan.A severe
Trojan:Win32/Cerber.MPI!MTB severe
Trojan:Win32/Chapak.RB!MTB severe
Trojan:Win32/Convagent.AMMI!MTB severe
Trojan:Win32/CryptBot.RF!MTB severe
Trojan:Win32/CryptInject severe
Trojan:Win32/CryptInject!MSR severe
Trojan:Win32/Cryptinject!MTB severe
Trojan:Win32/CryptInject!pz severe
Trojan:Win32/CymRan.ACR!MTB severe
Trojan:Win32/DanaBot.SPD!MTB severe
Trojan:Win32/DCRat.MQ!MTB severe
Trojan:Win32/DorkBot.DU severe
Trojan:Win32/Dynamer!rfn severe
Trojan:Win32/Ekstak.RS!MTB severe
Trojan:Win32/Farfli!pz severe
Trojan:Win32/Floxif.E severe
Trojan:Win32/Formbook!MTB severe
Trojan:Win32/FormBook.AFK!MTB severe
Trojan:Win32/FormBook.NF!MTB severe
Trojan:Win32/Fragtor!MTB severe
Trojan:Win32/Fragtor.NFR!MTB severe
Trojan:Win32/Giframe.A severe
Trojan:Win32/Grandoreiro.psyN!MTB severe
Trojan:Win32/GuLoader.KHHU severe
Trojan:Win32/GuLoader.RVBF!MTB severe
Trojan:Win32/GuLoader.RVBG!MTB severe
Trojan:Win32/GuLoader.RVBH!MTB severe
Trojan:Win32/ICLoader.JL!MTB severe
Trojan:Win32/ICLoader.JLK!MTB severe
Trojan:Win32/ICLoader.RPZ!MTB severe
Trojan:Win32/Killav.HI severe
Trojan:Win32/Leonem severe
Trojan:Win32/Lokibot.JHK!MTB severe
Trojan:Win32/LummaStealer.RO!MTB severe
Trojan:Win32/Malgent severe
Trojan:Win32/Malgent!MSR severe
Trojan:Win32/Malgent!MTB severe
Trojan:Win32/Mamson.A!ac severe
Trojan:Win32/Mekotio!MTB severe
Trojan:Win32/Mekotio.CVV!MTB severe
Trojan:Win32/Meterpreter.O severe
Trojan:Win32/MSILInject.GX!MTB severe
Trojan:Win32/Multiverze severe
Trojan:Win32/MyDoom!pz severe
Trojan:Win32/MyDooms.LKA!MTB severe
Trojan:Win32/Neoreblamy severe
Trojan:Win32/Neoreblamy.RP!MTB severe
Trojan:Win32/Neoreblamy.RS!MTB severe
Trojan:Win32/Neoreklami!MTB severe
Trojan:Win32/Occamy.CAA severe
Trojan:Win32/PhishLeonem severe
Trojan:Win32/Racealer.AD!MTB severe
Trojan:Win32/Redline.CBYB!MTB severe
Trojan:Win32/Redline.MRD!MTB severe
Trojan:Win32/Redline.MRE!MTB severe
Trojan:Win32/Remcos!MTB severe
Trojan:Win32/Remcos.AN!MTB severe
Trojan:Win32/Remcos.RVBP!MTB severe
Trojan:Win32/RisePro!pz severe
Trojan:Win32/RisePro.RP!MTB severe
Trojan:Win32/RiseProStealer!pz severe
Trojan:Win32/RiseProStealer.AT!MTB severe
Trojan:Win32/Skeeyah severe
Trojan:Win32/Skeeyah.A!rfn severe
Trojan:Win32/Smokeloader.GZD!MTB severe
Trojan:Win32/Smokeloader.GZF!MTB severe
Trojan:Win32/StealC.AMBF!MTB severe
Trojan:Win32/StealC.CCHS!MTB severe
Trojan:Win32/Stealc.RPX!MTB severe
Trojan:Win32/Stealerc.GAB!MTB severe
Trojan:Win32/Strab.GPX severe
Trojan:Win32/Swisyn.MBHW!MTB severe
Trojan:Win32/Tedy.RV!MTB severe
Trojan:Win32/Tnega!MSR severe
Trojan:Win32/Trafog!pz severe
Trojan:Win32/Upatre!pz severe
Trojan:Win32/Urelas severe
Trojan:Win32/Vidar.AK!MTB severe
Trojan:Win32/Vidar.AMMJ!MTB severe
Trojan:Win32/Vidar.MP!MTB severe
Trojan:Win32/Vidar.NTJ!MTB severe
Trojan:Win32/Vidar.RZ!MTB severe
Trojan:Win32/Vidar.VOT!MTB severe
Trojan:Win32/WinLNK.HNO!MTB severe
Trojan:Win32/Ymacco.AAA4 severe
Trojan:Win32/Znyonm severe
Trojan:Win32/Zusy!MTB severe
Trojan:Win64/BitGoLoader.A!MTB severe
Trojan:Win64/Bsymem.NB!MTB severe
Trojan:Win64/Coinminer.RB!MTB severe
Trojan:Win64/CrealStealer.AMJ!MTB severe
Trojan:Win64/CrealStealer.AMK!MTB severe
Trojan:Win64/CymRan.ACN!MTB severe
Trojan:Win64/CymRan.ACY!MTB severe
Trojan:Win64/CymRun.RDA!MTB severe
Trojan:Win64/Cymulate.ACM!MTB severe
Trojan:Win64/CymulateRansomTest.MKW!MTB severe
Trojan:Win64/Cymuta.AH!MTB severe
Trojan:Win64/Disdroth.LK!MTB severe
Trojan:Win64/DisguisedXMRigMiner severe
Trojan:Win64/Diztakun.ADZ!MTB severe
Trojan:Win64/Emotet.KD!MTB severe
Trojan:Win64/KDMapper.RDA!MTB severe
Trojan:Win64/Malgent!MSR severe
Trojan:Win64/Reflo.HNS!MTB severe
Trojan:Win64/ShellcodeRunner.ASDF!MTB severe
Trojan:Win64/SpyAgent!MSR severe
Trojan:Win64/SpyBoy.SA!MTB severe
Trojan:Win64/SpyLoader!pz severe
Trojan:XML/SuspBuild.MJ!ibt severe
TrojanDownloader:AndroidOS/Multiverze severe
TrojanDownloader:MSIL/Ader!MTB severe
TrojanDownloader:MSIL/AsyncRAT.CL!MTB severe
TrojanDownloader:MSIL/CobaltStrike.CCIH!MTB severe
TrojanDownloader:O97M/Donoff.RK!MTB severe
TrojanDownloader:O97M/Pyordonofz severe
TrojanDownloader:Win32/GhostRAT.I!MTB severe
TrojanDownloader:Win32/Upatre severe
TrojanDownloader:Win32/Upatre.A severe
TrojanDownloader:Win64/Stealer.WQ!MTB severe
TrojanProxy:Win32/Acapaladat!B severe
TrojanSpy:AndroidOS/RewardSteal!MTB severe
VirTool:MSIL/Aikaantivm.GG!MTB severe
VirTool:MSIL/Cajan.B!MTB severe
VirTool:MSIL/CezAbuz.B severe
VirTool:MSIL/Kekeo.NT!MTB severe
VirTool:SWF/Obfuscator.F severe
VirTool:Win32/Meterpreter!pz severe
Worm:Win32/AutoRun.XXY!bit severe
Worm:Win32/Brontok severe
Worm:Win32/Brontok@mm severe
Worm:Win32/Chupik!pz severe
Worm:Win32/Colowned.A severe
Worm:Win32/Macoute!pz severe
Worm:Win32/Mofksys.gen!A severe
Worm:Win32/Mydoom.CB severe
Worm:Win32/Renamer.A!MSR severe
Worm:Win32/Rimecud!inf severe