Threat Library
Last updated: November 15th, 2024

IoT.Device.Gen is a Device that targets the IoT platform. Generic Device Gen refers to a generic batch of malicious or phishing content that has yet to be attributed to a specific threat.

Engine:
IPS (web)
Product:
ZIA, ZPA + ZIA
Last updated: November 15th, 2024

IoT.Device.Gen is a Device that targets the IoT platform. Generic Device Gen refers to a generic batch of malicious or phishing content that has yet to be attributed to a specific threat.

Engine:
IPS (web)
Product:
ZIA, ZPA + ZIA
Last updated: November 14th, 2024

Win64.Backdoor.BearC2: Bear C2 is a compilation of C2 scripts, payloads, and stagers used in simulated attacks by Russian APT groups. Bear features a variety of encryption methods, including AES, XOR, DES, TLS, RC4,  …

Engine:
Sandbox
Product:
ZIA, ZPA + ZIA
Last updated: November 14th, 2024

Win32.HackTool.SharpSuite is a HackTool that targets the Win32 platform. A HackTool is a kind of Riskware that is not malicious by nature but can be used by threat actors for activities such as unauthorized access and fetching system and network-related information.

Engine:
Sandbox
Product:
ZIA, ZPA + ZIA
Last updated: November 14th, 2024

Win32.PWS.MeduzaStealer is a PWS that targets the Win32 platform. A PWS, Password Stealer, is a type of Trojan that attempts to steal saved passwords from the victim's browser or other applications.

Engine:
Sandbox
Product:
ZIA, ZPA + ZIA
Last updated: November 14th, 2024

VBS.Downloader.Vidar is a Downloader that targets the VBS platform. A Downloader is a type of Trojan designed to download additional malicious payloads. The malware tries to steal data or money from the victim's machine.

Engine:
Sandbox
Product:
ZIA, ZPA + ZIA
Last updated: November 14th, 2024

Win32.PWS.Hexon is a PWS that targets the Win32 platform. A PWS, Password Stealer, is a type of Trojan that attempts to steal saved passwords from the victim's browser or other applications.

Engine:
File Reputation
Product:
ZIA, ZPA + ZIA
Last updated: November 14th, 2024

Win32.PUA.iTopVPN is a PUA that targets the Win32 platform. A PUA, Potentially Unwanted Application, is a type of application that the user may not want on their system.

Engine:
File Reputation
Product:
ZIA, ZPA + ZIA
Last updated: November 14th, 2024

Summary

AZORult is an information stealer that has been active in the wild since 2016. It harvests and exfiltrates saved passwords, browser login credentials, cookies, history, chat sessions, cryptocurrency wallet files, and screen captures.  …

Engine:
Sandbox
Product:
ZIA, ZPA + ZIA
Last updated: November 14th, 2024

Win32.Trojan.Zipbomb is a Trojan that targets the Win32 platform. A Trojan is a type of attack that attempts to trick the victim into executing malicious packages on their system.

Engine:
Inline Yara
Product:
ZIA, ZPA + ZIA
Last updated: November 13th, 2024

Win32.Trojan.Agent is a Trojan that targets the Win32 platform. A Trojan is a type of attack that attempts to trick the victim into executing malicious packages on their system. Agent refers to a group of generic Trojans that maintain persistence on the user's system.  …

Engine:
Inline Yara
Product:
ZIA, ZPA + ZIA
Last updated: November 13th, 2024

Win64.Backdoor.BearC2: Bear C2 is a compilation of C2 scripts, payloads, and stagers used in simulated attacks by Russian APT groups. Bear features a variety of encryption methods, including AES, XOR, DES, TLS, RC4,  …

Engine:
File Reputation
Product:
ZIA, ZPA + ZIA
Last updated: November 13th, 2024

Win64.PWS.PSK is a PWS that targets the Win64 platform. A PWS, Password Stealer, is a type of Trojan that attempts to steal saved passwords from the victim's browser or other applications.

Engine:
File Reputation
Product:
ZIA, ZPA + ZIA
Last updated: November 13th, 2024

Win64.Backdoor.BearC2: Bear C2 is a compilation of C2 scripts, payloads, and stagers used in simulated attacks by Russian APT groups. Bear features a variety of encryption methods, including AES, XOR, DES, TLS, RC4,  …

Engine:
Inline Yara
Product:
ZIA, ZPA + ZIA
Last updated: November 13th, 2024

VENOMOUS BEAR is a sophisticated Russia-based adversary assessed with high confidence to be attributable to the Federal Security Service (FSB) of the Russian Federation based on multiple observables including demonstrated technical capabilities, targeting profile, associations with Russian government-operated research institutes,  …

Engine:
File Reputation
Product:
ZIA, ZPA + ZIA
Last updated: November 13th, 2024

Win64.Trojan.DllHijacker is a Trojan that targets the Win64 platform. A Trojan is a type of attack that attempts to trick the victim into executing malicious packages on their system.

Engine:
Inline Yara
Product:
ZIA, ZPA + ZIA
Last updated: November 13th, 2024

Win64.Trojan.DllHijacker is a Trojan that targets the Win64 platform. A Trojan is a type of attack that attempts to trick the victim into executing malicious packages on their system.

Engine:
File Reputation
Product:
ZIA, ZPA + ZIA
Last updated: November 13th, 2024

Win32.HackTool.SharpHound is a HackTool that targets the Win32 platform. A HackTool is a kind of Riskware that is not malicious by nature but can be used by threat actors for activities such as unauthorized access and fetching system and network-related information.

Engine:
Sandbox
Product:
ZIA, ZPA + ZIA
Last updated: November 13th, 2024

Win32.PWS.Amadey is a PWS that targets the Win32 platform. A PWS, Password Stealer, is a type of Trojan that attempts to steal saved passwords from the victim's browser or other applications.

Engine:
Inline Yara
Product:
ZIA, ZPA + ZIA
Last updated: November 13th, 2024
Engine:
Malware
Product:
ZIA, ZPA + ZIA