none
Trojan:Win32/Bluteal.B!rfn on Microsoft CRM False Positive?

    Question

  • Just starting yesterday and mostly today, a bunch of computers in our organization have been receiving this malware alert. Wondering if anyone else has been getting these.

    Malware Name: Trojan:Win32/Bluteal.B!rfn Number of infections: 14 Last detection time(UTC time): 6/1/2018 1:29:02 PM

    These are the infections of this malware:

    Detection time(UTC time): 6/1/2018 1:29:02 PM Malware file path: file:_C:\Windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Ccffd7ec0#\b79d96560cbe930cb6fd07819678953d\Microsoft.Crm.Platform.Sdk.ni.dll

    Remediation action: Quarantine

    Action status: Succeeded

    Friday, June 01, 2018 2:07 PM

All replies

  • Yes!  We just started to get these as well.  I'm glad to hear i'm not alone.
    Monday, June 04, 2018 6:07 PM
  • https://www.microsoft.com/en-us/wdsi/threats/malware-encyclopedia-description?Name=Trojan:Win32/Bluteal.B!rfn&ThreatID=-2147239982


    Rob

    Monday, June 04, 2018 6:18 PM
  • If your automatic sample submission and cloud protection is on, this sample will be shared with Microsoft Anti-Malware team and they will investigate it. But if you want to check it manually, try submit sample to Microsoft Anti-Malware team:

    https://www.microsoft.com/en-us/wdsi/filesubmission

    And you may use submission ID to contact Microsoft support and check with them or wait for response from support engineers. Just with the name and location, we won't know whether it is safe or not and we need actual sample.

    Monday, June 18, 2018 5:46 PM