VirusW32/Dialler
Analysis
- Threat is 32bit with a sizes ranging between 17Kb
and 20Kb
- Threat was sent as spam and in mass-mailings in
an attempt lure unsuspecting dial-up modem users to
dial sex phone numbers for monetary gain
- In some cases, the threat presents itself as an
“Internet Sex Explorer” with capability
to connect to websites via VPN
- Threat may install itself into the Windows\System
folder in a new folder named “windialup”
as in
C:\Windows\System\windialup\filename.exe
Telemetry
Detection Availability
| FortiClient | |
|---|---|
| Extreme | |
| FortiMail | |
| Extreme | |
| FortiSandbox | |
| Extreme | |
| FortiWeb | |
| Extreme | |
| Web Application Firewall | |
| Extreme | |
| FortiIsolator | |
| Extreme | |
| FortiDeceptor | |
| Extreme | |
| FortiEDR |