Concrete signature match: Trojan - Appears legitimate but performs malicious actions for 32-bit Windows platform, family SalatStealer
Trojan:Win32/SalatStealer.NS!MTB is a credential-stealing malware detected by Windows Defender's machine learning behavioral analysis. Its primary function is to exfiltrate sensitive data from the infected system, including browser passwords, cookies, system information, and cryptocurrency wallet data, posing a direct threat to user privacy and financial security.
No detailed analysis available from definition files.
1. Isolate the affected machine from the network to prevent data exfiltration and lateral movement.
2. Use Windows Defender to perform a full scan and remove the detected threat.
3. Immediately change passwords for all critical accounts (email, banking, social media) accessed from this device.
4. Enable multi-factor authentication (MFA) on all sensitive accounts.