Concrete signature match: Trojan - Appears legitimate but performs malicious actions for .NET (Microsoft Intermediate Language) platform, family Zilla
This threat is a Trojan from the Zilla malware family, identified by its suspicious behavior through machine learning analysis (!MTB). This malware family is typically associated with information-stealing, attempting to exfiltrate sensitive data like user credentials and system information. The detection is considered high-confidence despite being behavioral.
No specific strings found for this threat
7212509bf08daa26e936de56ddd4d513dc5f18660cd303cf3e05dbb91fdade72
e1db8c13858ec08213858d9a8348519cc94a71d05fa4b893d93aa4ccf1927af3
f5253bc6fd4e5428fc42c6827a3b2906ca00f14d50a4ee0f35449c341a1982bb

1. Isolate the affected host from the network immediately.
2. Use Windows Defender to remove the threat or restore the machine from a known-good backup.
3. Reset all user credentials and secrets that were stored on or accessed from the compromised system.