TrojanDownloader:MSIL/Rhadamanthys.A!MTB

Guidance for individual users

The following steps can help prevent such an attack related to the malware:

• Keep your operating system and antivirus products up to date.
• Use Microsoft Defender to run frequent scans and proactively detect anything malicious.
• Avoid opening anything suspicious.
• Take these steps to help prevent malware infection on your computer.

Guidance for enterprise administrators

Following the mitigation steps below can help prevent malware attacks:

• Harden internet-facing assets and ensure they have the latest security updates. Use threat and vulnerability management to audit these assets regularly for vulnerabilities, misconfigurations, and suspicious activity.
• Turn on cloud-delivered protection and automatic sample submission on Microsoft Defender Antivirus. These capabilities use artificial intelligence and machine learning to quickly identify and stop new and unknown threats.
• Turn on attack surface reduction rules, including rules that block credential theft, ransomware activity, and suspicious use of PsExec and WMI. To address malicious activity initiated through weaponized Office documents, use rules that block advanced macro activity, executable content, process creation, and process injection initiated by Office applications. To assess the impact of these rules, deploy them in audit mode.
• Use the Microsoft Defender Firewall and your network firewall to prevent RPC and SMB communication among endpoints whenever possible. This limits lateral movement as well as other attack activities.
• Turn on tamper protection features to prevent attackers from stopping security services.