W32/Agent.BU!tr

Analysis

W32/Agent.BU!tr - 05-12-31


General Info:

This threat is a "PE" executable file with a file size of 62658.

Files:

  • Drop files: ".exe" + ".dll"

Installation to System:

  • Drops the following files:
    %SystemFolder%\ibm00001.exe
    %SystemFolder%\ibm00001.dll
    %SystemFolder%\ibm00002.exe
  • And creates these registry entries:
    HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\Shell = "%SystemFolder%\ibm00001.exe"

More Info:

This trojan drops W32/Zapchast.AD!tr and W32/Small.DG!tr.

Detection Availability

FortiGate
Extended
FortiClient
FortiMail
FortiSandbox
FortiWeb
Web Application Firewall
FortiIsolator
FortiDeceptor
FortiEDR

Version Updates

Date Version Detail
2024-01-30 92.01124
2023-12-22 91.09961
2023-12-21 91.09933
2022-05-25 90.02622
2021-11-16 89.06923
2021-09-03 88.00849
2021-09-03 88.00848
2021-07-20 87.00765
2020-11-09 81.70000 Sig Added
2019-12-24 74.02900 Sig Updated