Home / malwarePDF  

Trojan:Win32/Powessere.H


First posted on 05 September 2019.
Source: Microsoft

Aliases :

There are no other names known for Trojan:Win32/Powessere.H.

Explanation :

This trojan is malicious behavior associated with Kovter and other sophisticated fileless malware. These malware avoid leaving files on the disk by launching malicious routines in script code stored directly as command line arguments. This trojan, in particular, is a detection for behavior that uses the legitimate file mshta.exe to run specific malicious JavaScript and VBScript code. Here is a sample of what the command line detected as this trojan can look like:  %System%/mshta.exe mshta javascript:  

Last update 05 September 2019

 

TOP