user@threatcheck.sh ~ threat-analysis
bash
$ analyze-threat Trojan:Script/Wacatac.H!ml
Trojan:Script/Wacatac.H!ml - Windows Defender threat signature analysis

Trojan:Script/Wacatac.H!ml - Windows Defender Threat Analysis

$ cat analysis.txt
=== THREAT ANALYSIS REPORT ===
Threat Name: Trojan:Script/Wacatac.H!ml
Classification:
Type:Trojan
Platform:Script
Family:Wacatac
Detection Type:Concrete
Known malware family with identified signatures
Variant:H
Specific signature variant within the malware family
Suffix:!ml
Identified through machine learning models
Confidence:Very High
False-Positive Risk:Low

Concrete signature match: Trojan - Appears legitimate but performs malicious actions for Script platform, family Wacatac

Summary:

Trojan:Script/Wacatac.H!ml is a malicious script belonging to the Wacatac trojan family, a widespread and dangerous malware. This threat is primarily designed to steal sensitive information such as user credentials and banking details, and it frequently acts as a dropper to download and execute additional malware, including ransomware.

Severity:
High
VDM Static Detection:
No specific strings found for this threat
Known malware which is associated with this threat:
Filename: nIMG_20112025_0009.bz2
a3f17fcd3c0d2156febcb8bd138b4f50ad2bb776fcc88ecce420d20316d02a7c
20/11/2025
VirusTotalDownload Sample
Remediation Steps:
Isolate the affected machine from the network immediately. Perform a full system scan with an updated antivirus solution to remove the threat. Reset passwords for all accounts used on the machine and monitor for signs of further compromise, as data theft is a primary objective of this malware.
=== END REPORT ===
$ reanalyze-threat
This analysis was last updated on 20/11/2025. Do you want to analyze it again?
$ ls available-commands/
→ cd /home
user@threatcheck.sh:~$