We're gradually updating threat actor names in our reports to align with the new weather-themed taxonomy. Learn about Microsoft threat actor names
Trojan:Win32/Chopper.A
Aliases: Trojan horse Atros.DBG (AVG) W32/Backdoor.YZPI-7423 (Command) BackDoor.Chopper.1 (Dr.Web) Win32/Chopper.A trojan (ESET) W32/Chopper.A!tr (Fortinet) Trojan-PWS.Win32.Ldpinch (Ikarus) HackTool.Win32.WebShell.f (Kaspersky) Troj/Chopper-A (Sophos) Backdoor.Hadmad (Symantec) BKDR_CHOPPER.B (Trend Micro)
Summary
This threat is a backdoor trojan with the following components:
- Web shell command-and-control (C2) client binary
- Text-based Web shell payload (server component)
A trojan might steal your personal information, download more malware, or give a malicious hacker access to your device.
For information about this trojan and other human-operated malware campaigns, read these blog posts:
Microsoft Defender Antivirus automatically removes threats as they are detected. However, many infections can leave remnant files and system changes. Updating your antimalware definitions and running a full scan might help address these remnant artifacts.
You can also visit our advanced troubleshooting page or search the Microsoft virus and malware community for more help.
