This trojan is malicious behavior associated with Kovter and other sophisticated fileless malware.

Microsoft Defender Antivirus detects this trojan whenever a command line designed to launch certain malicious JavaScript or VBScript code is run. Microsoft Defender Antivirus blocks the execution of the malicious script code, curtailing intended fileless attack activity.

Windows Defender detects and removes this threat.

This threat can download other malware onto your PC.

It is from a family of ransomware locks your PC and displays a full-screen message (commonly called a "lock screen").

See the Ransom:Win32/Urausy family entry, and our ransomware page for more information.

Find out ways that malware can get on your PC.

Microsoft security software detects and removes this family of threats.

This is a family of JavaScript components belonging to an exploit kit called Fiesta. Similar to other exploit kits, such as Blacole, it first checks your browser, version, and installed plugins. It does this to determine which exploit to use on your PC.

Malware in this family can exploit vulnerabilities in Java, Adobe Flash Player, Adobe Acrobat Reader, Microsoft Silverlight, and Internet Explorer.

They can run on your PC when you visit a hacked or malicious website.

Find out ways that malware can get on your PC.