Concrete signature match: Trojan - Appears legitimate but performs malicious actions for .NET (Microsoft Intermediate Language) platform, family XWormRAT
This threat is a Remote Access Trojan (RAT) from the XWormRAT family, detected by machine learning behavioral analysis. It is designed to grant an attacker full remote control over the infected machine, enabling data theft, keystroke logging, and deployment of further malware.
No specific strings found for this threat
2308bb46acec261999dd1455b9586ac7ebf3f677630e04256807130a6322e62e661481bcb96c23a0add2db58217ea0e2c162cbd6340365a92eca0cf96996e0883845ad8b92bf909843c14f50367c81c5583fc8bce481faa95eb6ffb2cfed59f1f423abf74d7dcf81f7b72bf6610c04807aa2d6039301c8935e4e1dcf7e7be132e0105c7b151f4d6b2056accc32677e459a549c3a54ca231c380bd9fcdf989e7dIsolate the affected machine from the network immediately. Use Windows Defender to perform a full scan and remove the detected threat. Investigate the initial access vector and change all user credentials on the compromised system.