W32/Agent.BL!tr

Analysis

W32/Agent.BL!tr - 06-04-04


Files:

  • Copies itself to: %SystemRoot%/%WinDir%
  • Drop files: data

Installation to System:

  • When run, it copies itself to:
    %System Folder%
  • And creates these registry entries:
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\INTEL Version = "3.4.1"
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run Service = "shell32.exe"
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon Userinit = "%System Folder%\userinit.exe,kernel32.exe"

Telemetry

Detection Availability

FortiGate
Extended
FortiClient
FortiMail
FortiSandbox
FortiWeb
Web Application Firewall
FortiIsolator
FortiDeceptor
FortiEDR

Version Updates

Date Version Detail
2024-03-27 92.02831
2024-03-20 92.02624
2024-03-18 92.02564
2024-03-12 92.02391
2024-03-11 92.02346
2024-03-06 92.02185
2024-02-17 92.01655
2024-02-07 92.01354
2024-02-01 92.01177
2024-02-01 92.01176