Concrete signature match: Trojan - Appears legitimate but performs malicious actions for .NET (Microsoft Intermediate Language) platform, family XWorm
Trojan:MSIL/XWorm.PX!MTB is a highly malicious XWorm Trojan variant, targeting .NET applications, identified through machine learning behavioral analysis. This threat functions as a Remote Access Trojan (RAT), enabling attackers to gain control over the infected system, steal sensitive data, and potentially deploy further malware like ransomware. Its concrete detection type and low false positive risk confirm it as a serious and active threat.
No specific strings found for this threat
9b7023ed9d783bf33aa0178b91f82c2e6e7d69cd5db878845171fde65481bb4bImmediately isolate the affected system from the network. Perform a full system scan with updated antivirus software, then thoroughly investigate for persistence mechanisms, exfiltration attempts, and any new or modified system configurations. Reset all critical credentials used on the compromised system and, if possible, restore from a known clean backup.