We're gradually updating threat actor names in our reports to align with the new weather-themed taxonomy. Learn about Microsoft threat actor names
TrojanDropper:Win64/KnuckleTouch.A!dha
Aliases: No associated aliases
Summary
TrojanDropper:Win64/KnuckleTouch.A!dha is the detection for the creation and deployment of a dropper retrieved from compromised websites using the certutil utility, a known living-off-the-land binary (LOLBin).
Microsoft Defender Antivirus automatically removes threats as they are detected. However, many infections can leave remnant files and system changes. Updating your antimalware definitions and running a full scan might help address these remnant artifacts.
You can also visit our advanced troubleshooting page or search the Microsoft virus and malware community for more help.
Devices infected by this trojan might be severely compromised and require complete restoration. Consider restoring your device. When restoring data, ensure that it is a clean, uninfected copy.