{
  "family": "high",
  "sample_count": 8417,
  "category": "generic_detection",
  "description": "High is an avclass label that aggregates samples receiving generic high-severity classification across multiple AV engines without consensus on a specific family. Records under this label should be treated as confirmed malicious but unclassified, and warrant further analysis to determine the actual family if attribution is needed for incident response.",
  "cta": "If you suspect this malware on your system, do not attempt manual removal. Contact SystemHelpdesk expert MSP support at 855-783-7555 for professional incident response guidance.",
  "aliases": [],
  "enrichment_level": "hand-curated",
  "faq": [
    {
      "@type": "Question",
      "name": "What is High?",
      "acceptedAnswer": {
        "@type": "Answer",
        "text": "High is an avclass label that aggregates samples receiving generic high-severity classification across multiple AV engines without consensus on a specific family. Records under this label should be treated as confirmed malicious but unclassified, and warrant further analysis to determine the actual family if attribution is needed for incident response."
      }
    },
    {
      "@type": "Question",
      "name": "How does High spread?",
      "acceptedAnswer": {
        "@type": "Answer",
        "text": "High is a generic heuristic detection name used by some AV vendors for files exhibiting high-risk behavior, so it does not represent a single family or spread vector."
      }
    },
    {
      "@type": "Question",
      "name": "What are the signs of a High infection?",
      "acceptedAnswer": {
        "@type": "Answer",
        "text": "Because High is a heuristic label, indicators depend on the underlying sample but generally include high entropy, packed code, evasive behaviors, and anti-analysis tricks."
      }
    },
    {
      "@type": "Question",
      "name": "What should I do if I think I have High on my system?",
      "acceptedAnswer": {
        "@type": "Answer",
        "text": "If you suspect this malware on your system, do not attempt manual removal. Contact SystemHelpdesk expert MSP support at 855-783-7555 for professional incident response guidance."
      }
    }
  ],
  "faq_count": 4,
  "mitre_attack": [],
  "cisa_advisory": null,
  "last_updated": "2026-05-27"
}