Malware_fam.gw

Analysis


Malware_fam.gw is a highly generic detection for a trojan. It does not classify any specific type or family of malware; it is a generic detection name assigned when, at the time the signature was released, no more precise identification could be derived. Because the detection is generic, samples detected as Malware_fam.gw may exhibit varying behaviour.
Examples of some of these behaviours are listed below:

  • Some of the samples belonging to this detection are banker-related trojans.

  • Another noticeable characteristic is that some of the samples are distributed in SFX (self-extracting archive) form.

  • Some instances are possible spyware-related tools.

  • Some instances are presented as keyloggers.

  • During the time of our tests, some of the samples attempted a connection to a certain aishu{Removed}.com

  • Some illustrations are listed below (figures not reproduced here):

    • Figure 1: Keylogger.

    • Figure 2: SFX distributed.

    • Figure 3: UI.



Recommended Action

  • Make sure that your FortiGate/FortiClient system is using the latest AV database.
  • Quarantine/delete files that are detected and replace infected files with clean backup copies.

Telemetry

Detection Availability

FortiGate
FortiClient
FortiAPS
FortiAPU
FortiMail
FortiSandbox
FortiWeb
Web Application Firewall
FortiIsolator
FortiDeceptor
FortiEDR

Version Updates

Date Version Detail
2024-04-22 92.03607
2024-04-10 92.03247
2024-02-12 92.01512
2023-12-18 91.09831
2023-10-15 91.07907
2023-10-10 91.07737
2023-09-29 91.07416
2023-09-19 91.07104
2023-08-28 91.06450
2023-08-08 91.05844