Skip to main content
Published Jul 12, 2022 | Updated Jul 27, 2022

Trojan:Win32/SiennaPurple.A!dha

Detected by Microsoft Defender Antivirus

Aliases: No associated aliases

Summary

Microsoft Defender Antivirus detects and removes this threat.


This trojan is a H0lyGh0st ransomware loader that has been developed and used by DEV-0530 threat actors in multiple campaigns. It is classified under the extension – BTLC_C.exe. It is written in the C++ programming language and is compiled into .exe to target Windows systems. Microsoft Defender Antivirus, which is built into and ships with Windows 10 and 11, detects and blocks BTLC_C.exe as SiennaPurple.

Microsoft Defender Antivirus  automatically removes threats as they are detected. If you have cloud-delivered protection, your device gets the latest defenses against new and unknown threats. If you don't have this feature enabled, update your antimalware definitions and run a full scan to remove this threat.

To help reduce the impact of this threat, you can:  

  • Proactively implement and frequently validate a data backup and restore plan as part of broader protection against ransomware and extortion threats.
Follow us