We're gradually updating threat actor names in our reports to align with the new weather-themed taxonomy. Learn about Microsoft threat actor names
Win32/Zafi
Detected by Microsoft Defender Antivirus
Aliases: W32/Zafi@mm (McAfee) W32.Erkez@mm (Symantec) W32/Zafi@mm (Sophos) W32/Zafi.Worm (Panda)
Summary
Windows Defender Antivirus detects and removes this threat.
Win32/Zafi is a family of mass-mailing worms. The worm sends itself to email addresses that it finds on the infected PC.
It may terminate processes that relate to system utilities and security products. It may change security-related registry key values. Some variants also copy the worm to network-share folders.
Follow us
