Attention: We have transitioned to a new AAD or Microsoft Entra ID from the week of May 20, 2024. In case your tenant requires admin consent, please refer to this document located at Overview of user and admin consent - Microsoft Entra ID | Microsoft Learn and grant access to App ID: 6ba09155-cb24-475b-b24f-b4e28fc74365 with graph permissions for Directory.Read.All and User.Read for continued access. While the app may appear unverified, you can confirm its legitimacy by verifying the App ID provided.
28 entries found.
Displaying page 2
of 2.
Backdoor:Win32/IRCbot.BH
Backdoor:Win32/IRCbot.BH is a generic detection for a backdoor trojan that connects to an IRC server to receive commands from an attacker. This trojan contains code that exploits vulnerable Windows computers that have not applied Security Bulletin MS08-067.
Alert level:
severe
Trojan:Win32/Zbot.CJ
Trojan:Win32/Zbot.CJ is a password stealing trojan with remote access functionality. This trojan may inject code into running processes and download files from a predefined Web site. In the wild, this trojan has been observed distributed in spam e-mail messages as an attachment named "World_CONFR.zip".
Alert level:
severe
PWS:Win32/Zbot.CJ
Trojan:Win32/Zbot.CJ is a password stealing trojan with remote access functionality. This trojan may inject code into running processes and download files from a predefined Web site. In the wild, this trojan has been observed distributed in spam e-mail messages as an attachment named "World_CONFR.zip".
Alert level:
severe
Worm:Win32/Spybot
Win32/Spybot is a network worm that targets certain versions of Microsoft Windows. The worm can spread through writeable network shares that have weak administrator passwords, or through peer-to-peer, file-sharing programs. It can also spread by exploiting various Windows vulnerabilities. Win32/Spybot also has a backdoor component that allows attackers to control an infected computer.
Alert level:
severe
Backdoor:Win32/IRCbot.gen!V
Backdoor:Win32/IRCbot.gen!V is a generic detection for a trojan that allows unauthorized access and control of an affected machine by a remote attacker using IRC. After a computer is infected, the trojan connects to a specific IRC server and joins a specific channel to receive commands from an attacker. This particular detection may trigger on variants of several different IRC bot families, including Win32/Pushbot and Win32/Synigh.
Alert level:
severe
Backdoor:Win32/IRCbot.PS
Backdoor:Win32/IRCbot.PS is a trojan that connects to an Internet Relay Chat (IRC) server and provides attackers with remote access to the infected system. Commands that can be remotely executed include downloading and executing files.
Alert level:
severe
TrojanDropper:Win32/IRCbot
Alert level:
severe
Worm:Win32/Neeris.gen!D
Worm:Win32/Neeris.gen!D is a generic detection for a worm that spreads via removable drives and instant messenger programs. It also allows backdoor access and control of the affected computer.
Alert level:
severe