W32/Stration.DU@mm

Analysis

  • Copies itself to the System folder using a random filename.
  • Displays the following message box:
    Title: Error
    Message: Unknown error
  • Downloads a file from the following URL, then executes it:
    http://www6.endf{REMOVED}ihus.com/chr/835/nt.exe
    This file is detected as W32/Stration.DS@mm.

Recommended Action

    FortiGate Systems
  • Check the main screen using the web interface for your FortiGate unit to ensure that the latest AV/NIDS database has been downloaded and installed on your system - if required, enable the "Allow Push Update" option.

Telemetry

Detection Availability

FortiGate: Extreme
FortiClient: Extended
FortiMail: Extended
FortiSandbox: Extended
FortiWeb: Extended
Web Application Firewall: Extended
FortiIsolator: Extended
FortiDeceptor: Extended
FortiEDR