VirTool:Win32/Kekeo.A!MTB - Windows Defender threat signature analysis

=== THREAT ANALYSIS REPORT ===
Threat Name: VirTool:Win32/Kekeo.A!MTB
Classification:
Type: VirTool
Platform: Win32
Family: Kekeo
Detection Type: Concrete
    Known malware family with identified signatures
Variant: A
    Specific signature variant within the malware family
Suffix: !MTB
    Detected via machine learning and behavioral analysis
Detection Method: Behavioral
Confidence: Very High
False-Positive Risk: Low

Concrete signature match: Virus Tool - Tool used to create or modify malware for 32-bit Windows platform, family Kekeo

Summary:

VirTool:Win32/Kekeo.A!MTB is a concrete detection of a malicious tool or component belonging to the Kekeo malware family. Identified through machine learning and behavioral analysis, it indicates the presence of code designed to facilitate broader malicious activity, with a low false-positive risk.

Severity:
High
VDM Static Detection:
Relevant strings associated with this threat:
 - |#d1e49aac-8f56-4280-b9ba-993a6d77406c (NID)
 - }#d1e49aac-8f56-4280-b9ba-993a6d77406c (NID)
 - &|#b2b3f03d-6a65-4f7b-a9c7-1c7ef74a9ba4 (NID)
 - &}#b2b3f03d-6a65-4f7b-a9c7-1c7ef74a9ba4 (NID)
 - y*|#56a863a9-875e-4185-98a7-b882c64b5ce5 (NID)
 - y*}#56a863a9-875e-4185-98a7-b882c64b5ce5 (NID)
 - C|#be9ba2d9-53ea-4cdc-84e5-9b1eeee46550 (NID)
 - C}#be9ba2d9-53ea-4cdc-84e5-9b1eeee46550 (NID)
 - L|#3b576869-a4ec-4529-8536-b80a7769e899 (NID)
 - L}#3b576869-a4ec-4529-8536-b80a7769e899 (NID)
 - |#5beb7efe-fd9a-4556-801d-275e5ffc04cc (NID)
 - }#5beb7efe-fd9a-4556-801d-275e5ffc04cc (NID)
 - |#01443614-cd74-433a-b99e-2ecdc07bfc25 (NID)
 - }#01443614-cd74-433a-b99e-2ecdc07bfc25 (NID)
 - |#d3e037e1-3eb8-44c8-a917-57927947596d (NID)
 - }#d3e037e1-3eb8-44c8-a917-57927947596d (NID)
 - |#7674ba52-37eb-4a4f-a9a1-f0f9a1619a2c (NID)
 - }#7674ba52-37eb-4a4f-a9a1-f0f9a1619a2c (NID)
 - |#92e97fa1-2edf-4476-bdd6-9dd0b4dddc7b (NID)
 - }#92e97fa1-2edf-4476-bdd6-9dd0b4dddc7b (NID)
Known malware which is associated with this threat:
Filename: 40a4b5e54fecce52c9d8ef5b2fa3973a3dd748c5bcedd7bde1154aa4a936c2e1
Date: 30/01/2026
Remediation Steps:
Immediately allow Windows Defender to quarantine or remove the detected threat. Isolate the affected system from the network, run a full system scan with updated antivirus definitions, and ensure all operating system and application security patches are applied.
=== END REPORT ===