Attention: We have transitioned to a new AAD or Microsoft Entra ID from the week of May 20, 2024. In case your tenant requires admin consent, please refer to this document located at Overview of user and admin consent - Microsoft Entra ID | Microsoft Learn and grant access to App ID: 6ba09155-cb24-475b-b24f-b4e28fc74365 with graph permissions for Directory.Read.All and User.Read for continued access. While the app may appear unverified, you can confirm its legitimacy by verifying the App ID provided.
5 entries found.
Win32/Hamweq
Win32/Hamweq is a worm that spreads via removable drives, such as USB memory sticks. It contains an IRC-based backdoor, which may be used by a remote attacker to order the affected machine to participate in Distributed Denial of Service attacks, or to download and execute arbitrary files.
Alert level:
severe
Worm:Win32/Hamweq.J
Worm:Win32/Hamweq.J is a worm that spreads via removable drives, such as USB memory sticks. It may also be used by a remote attacker to order the affected machine to participate in Distributed Denial of Service attacks.
Alert level:
severe
VirTool:Win32/VBInject.gen!BW
VirTool:Win32/VBInject.gen!BW is a detection of an obfuscator used by particular malware. It is written in VB (Visual Basic). It attempts to hinder analysis and detection of the malware code it is applied to. The malware code runs in memory directly without being dropped as a file.
Alert level:
severe
Worm:Win32/Hamweq
Alert level:
severe
TrojanDropper:Win32/Hamweq
TrojanDropper:Win32/Hamweq is a trojan that drops and installs Worm:Win32/Hamweq.A, a worm that spreads via removable drives, such as USB memory sticks. It contains an IRC-based backdoor, which may be used by a remote attacker to order the affected machine to participate in Distributed Denial of Service attacks, or to download and execute arbitrary files.
Alert level:
severe