Concrete signature match: Trojan - Appears legitimate but performs malicious actions for 64-bit Windows platform, family DonutLoader
This detection identifies DonutLoader, a sophisticated malware loader designed to execute additional malicious payloads in memory. The malware uses advanced evasion techniques, including API hashing and anti-sandbox checks, to stealthily deliver and run other threats like ransomware or spyware on the compromised system.
No detailed analysis available from definition files.
Isolate the affected host from the network immediately. Perform a full system scan with an updated antivirus tool to remove the threat. Investigate for persistence mechanisms and any secondary payloads that may have been downloaded.