W32/Small.DHT!tr.dldr
Analysis
%User Folder%\Local Settings\Temp\qvxt2.game detected as W32/Dloader.F!tr
%User Folder%\Local Settings\Temp\qvxt3.game detected as W32/Dloader.F!tr
%User Folder%\Local Settings\Temp\qvxt4.game detected as W32/FPUJunk!tr
%Systemdir%\qvxgamet4.exe detected as W32/FPUJunk!tr
%Systemdir%\qvxgamet3.exe detected as W32/Dloader.F!tr
%Systemdir%\qvxgamet2.exe detected as W32/Dloader.F!tr
The file qvxt1.game is a non-malicious HTML file
which will make the malware execute as a service.
Recommended Action
- Check the main screen using the web interface to ensure the latest AV/NIDS database has been downloaded and installed -- if required, enable the "Allow Push Update" option
- Quarantine/Delete infected files detected and replace infected files with clean backup copies
FortiGate systems:
FortiClient systems:
Detection Availability
FortiClient | Extreme |
---|---|
FortiMail | Extreme |
FortiSandbox | Extreme |
FortiWeb | Extreme |
Web Application Firewall | Extreme |
FortiIsolator | Extreme |
FortiDeceptor | Extreme |
FortiEDR | |