23 entries found. Displaying page 1 of 2.
Win32/Cutwail
Windows Defender detects and removes this threat.
This threat downloads and runs files on your PC, including a trojan that sends spam emails. It can also steal your email user names and passwords, as well as your FTP credentials, using a plugin detected as PWS:Win32/Fareit.gen!C.
This threat also uses a rootkit and other defensive techniques to avoid detection and removal.
Alert level: severe
VirTool:WinNT/Cutwail.J
VirTool:WinNT/Cutwail.J is the detection for the driver component that is a member of the Win32/Alureon family.
Alert level: severe
TrojanDropper:Win32/Cutwail.AD
TrojanDropper:Win32/Cutwail.AD is a trojan that drops TrojanDownloader:Win32/Cutwail, a trojan that downloads and executes predefined malicious files.
Alert level: severe
Trojan:WinNT/Cutwail.AK
Trojan:Win32/Cutwail.AK!sys is a trojan that usually arrives in a system with TrojanDownloader:Win32/Cutwail.S. Its primary function is to inject TrojanDownloader:Win32/Cutwail.S into the services.exe process in order to bypass the firewall.
Alert level: severe
TrojanDownloader:Win32/Cutwail.gen!B
TrojanDownloader:Win32/Cutwail.gen!B is a trojan that injects another malware into the svchost.exe process to be able to bypass the firewall. It also creates another device, which is used to communicate with other malware components. It may also connect to various IP addresses, presumably to download other malware.
Alert level: severe
VirTool:WinNT/Cutwail.K
Cutwail is a trojan which is able to download and execute arbitrary files. Downloaded files may be executed from disk or injected directly into another process. Whilst the functionality of the files that are downloaded may change, Cutwail usually downloads a trojan which is able to send spam. Cutwail also employs rootkit and other defensive techniques to avoid detection and removal.
VirTool:WinNT/Cutwail.K is a device driver component (rootkit) used by the Cutwail malware family.
It contains functionality to modify the system's winlogon.exe.
Alert level: severe
Backdoor:WinNT/Tofsee.gen!A
Backdoor:WinNT/Tofsee.gen!A is a generic detection for variant components of Backdoor:WinNT/Tofsee. WinNT/Tofsee.gen!A is dropped by TrojanDropper:Win32/Tofsee.A and is generally accompanied by Backdoor:Win32/Tofsee.F.
Alert level: severe
Trojan:Win32/Sanpec.gen!A
Win32/Sanpec.gen!A is a generic detection for obfuscated samples of password-stealing trojans that target confidential data, such as account information, from the online games "QQ Fantasy Online", "Dream Journey To The West Online", and "Lineage 2".
Alert level: severe
TrojanDownloader:Win32/Renos.AW
TrojanDownloader:Win32/Renos.AW is a detection for a trojan that connects to certain websites and downloads other unwanted software and malware, such as Trojan:Win32/FakeSecSen, Trojan:Win32/Bohmini and other Win32/Renos components.
Alert level: severe
Virus:Win32/Cutwail.F
Virus:Win32/Cutwail.F is a member of Win32/Cutwail - a multi-component family of malware that downloads and executes arbitrary files. This functionality is mostly used to install additional Cutwail components, and other malware on an affected machine. In general, the Cutwail family is used to compromise machines and direct them in various ways at the attacker's will, usually for monetary gain. This could include using the affected machine to distribute additional malware, send spam, generate 'pay per click' advertising revenue, harvest e-mail addresses, and break captchas. Its components are varied, but include trojan downloaders and droppers, spammers, rootkits and viruses. Cutwail also employs a rootkit and other defensive techniques to avoid detection and removal.
Alert level: severe
Virus:Win32/Cutwail.G
Virus:Win32/Cutwail.G is a member of Win32/Cutwail - a multi-component family of malware that downloads and executes arbitrary files. This functionality is mostly used to install additional Cutwail components, and other malware on an affected machine. In general, the Cutwail family is used to compromise machines and direct them in various ways at the attacker's will, usually for monetary gain. This could include using the affected machine to distribute additional malware, send spam, generate 'pay per click' advertising revenue, harvest e-mail addresses, and break captchas. Its components are varied, but include trojan downloaders and droppers, spammers, rootkits and viruses. Cutwail also employs a rootkit and other defensive techniques to avoid detection and removal.
Alert level: severe
Virus:Win32/Cutwail.H
Virus:Win32/Cutwail.H is a member of Win32/Cutwail - a multi-component family of malware that downloads and executes arbitrary files. This functionality is mostly used to install additional Cutwail components, and other malware on an affected machine. In general, the Cutwail family is used to compromise machines and direct them in various ways at the attacker's will, usually for monetary gain. This could include using the affected machine to distribute additional malware, send spam, generate 'pay per click' advertising revenue, harvest e-mail addresses, and break captchas. Its components are varied, but include trojan downloaders and droppers, spammers, and viruses. Cutwail also employs a rootkit and other defensive techniques to avoid detection and removal.
This particular component is used in conjunction with other Cutwail components to perform Cutwail's payload - to download and execute arbitrary files.
Alert level: severe
VirTool:WinNT/Cutwail.gen!F
VirTool:WinNT/Cutwail.gen!F is a generic detection for a driver component of Win32/Cutwail - a family of trojans which downloads and executes arbitrary files.
Alert level: severe
Virus:WinNT/Cutwail.gen!B
Virus:WinNT/Cutwail.A is a detection for a file that runs other components of the Win32/Cutwail family.
Alert level: severe
PUA:Win32/Cutwail
Alert level: severe
Trojan:Win32/Cutwail
Alert level: severe
TrojanDownloader:Win32/Cutwail.W
TrojanDownloader:Win32/Cutwail.W is a generic detection for a trojan that downloads other malware from various websites.
Alert level: severe
Spammer:Win32/Cutwail
Alert level: severe
Behavior:Win32/Cutwail
Alert level: severe
TrojanSpy:Win32/Cutwail
Alert level: severe