Skip to main content
Published Apr 03, 2023 | Updated Nov 29, 2023

Trojan:Win32/Drokbk.C!dha

Detected by Microsoft Defender Antivirus

Aliases: No associated aliases

Summary

Microsoft Defender Antivirus detects and removes this threat.

This threat is associated with a mature subgroup of Mint Sandstorm (PHOSPHORUS), an Iranian nation-state activity group, which has rapidly weaponized N-day vulnerabilities in common enterprise applications and conducted highly targeted phishing campaigns to quickly and successfully access environments of interest. This trojan is one of this Mint Sandstorm subgroup’s custom implants to persist in target environments and deploy additional tools.

For more information and guidance from Microsoft about this threat, read the following blog:

Microsoft Defender Antivirus automatically removes threats as they are detected. If you have cloud-delivered protection, your device gets the latest defenses against new and unknown threats. If you don't have this feature enabled, update your antimalware definitions and run a full scan to remove this threat.

You can also visit our advanced troubleshooting page or search the Microsoft virus and malware community for more help.

Follow us