W32/Agent.YIJ!tr
Analysis
W32/Agent.YIJ!tr is a generic detection for a trojan.
Since this is a generic detection, malware detected as W32/Agent.YIJ!tr may exhibit varying behaviour.
- This malware uses various icons to disguise itself:
- Figure 1: Icons.
- During our tests, the only observable effect of this malware was injection into some host system processes.
- Some instances of this malware appear to be damaged.
Recommended Action
- Make sure that your FortiGate/FortiClient system is using the latest AV database.
- Quarantine/delete files that are detected and replace infected files with clean backup copies.
Detection Availability
FortiGate | |
---|---|
Extended | |
FortiClient | |
FortiMail | |
FortiSandbox | |
FortiWeb | |
Web Application Firewall | |
FortiIsolator | |
FortiDeceptor | |
FortiEDR |