Virus

W32/Delf!tr

Analysis

  • Trojan is 32bit with a compressed file size of 17,920 bytes
  • Trojan may have been installed by W32/Sobig-mm
  • Trojan functions as a keylogger, tracking keys typed in the keyboard to a
    file for use by a remote access Trojan component
  • Trojan may exist as the file name "ndrbk32.dll" or other .DLL file name
    in the Windows\System folder

Recommended Action

Check the main screen using the web interface for your FortiGate unit to ensure that the latest AV/NIDS database has been downloaded and installed on your system - if required, enable the "Allow Push Update" option