SymbOS/Flexispy.B!tr.spy
Analysis
Install FlexiSPY?
- !:/system/apps/system/phones/flkcpr.exe (detected as SymbOS/Flexispy.B!tr.spy)
- !:/system/apps/system/phones/fxmonitor.dll (detected as SymbOS/Flexispy.B!tr.spy)
- !:/system/apps/system/phones/fxs.app (detected as SymbOS/Flexispy.B!tr.spy)
- !:/system/apps/system/phones/fxs.rsc
- !:/system/apps/system/phones/fxs_caption.rsc
- !:/system/apps/system/phones/fxsmon.exe (detected as SymbOS/Flexispy.B!tr.spy)
- !:/system/apps/system/phones/images.mbm
- !:/system/apps/system/phones/monunins.exe
- !:/system/programs/fcex.exe
- !:/system/recogs/fslrecog.mdl (detected as SymbOS/Flexispy.B!tr.spy)
- flkcpr.exe
- fxs.app
- fxsmon.exe
http://www.{REMOVED}.com/factivation_mcli/cmd/productactivate
A remote user may then access the gathered information over the internet.
Recommended Action
- flkcpr.exe
- fxs.app
- fxsmon.exe
Telemetry
Detection Availability
FortiClient | Extreme |
---|---|
FortiMail | Extreme |
FortiSandbox | Extreme |
FortiWeb | Extreme |
Web Application Firewall | Extreme |
FortiIsolator | Extreme |
FortiDeceptor | Extreme |
FortiEDR | |