Virus

Riskware/KuaiZip

Analysis

Riskware/KuaiZip is a generic detection for a Riskware.
Since this is a generic detection, malware that are detected as Riskware/KuaiZip may have varying behaviour.
Below are some of its observed characteristics/behaviours:

This Riskware has been observed to connect to new[Removed].7654.com/mini_new3/jsb/

The Riskware displays an Adult Oriented User Interface:
Figure 1: Interface.

Recommended Action

Make sure that your FortiGate/FortiClient system is using the latest AV database.
Quarantine/delete files that are detected and replace infected files with clean backup copies.

Detection Availability

FortiGate
FortiClient
FortiAPS
FortiAPU
FortiMail
FortiSandbox
FortiWeb
Web Application Firewall
FortiIsolator
FortiDeceptor
FortiEDR

Version Updates

Date	Version	Detail
2024-11-20	92.08943
2024-11-19	92.08916
2024-11-18	92.08895
2024-11-17	92.08873
2024-11-16	92.08842
2024-11-15	92.08834
2024-11-15	92.08815
2024-11-15	92.08814
2024-11-14	92.08810
2024-11-14	92.08806

ID	7006110
Released	Mar 18, 2016
Description Updated	Feb 26, 2020
Aliases	not-a-virus:HEUR:RiskTool.Win32.KuaiZip.gen,PUP-XHW-XZ application,TROJ_GEN.R057C0PBP20,Win32/KuaiZip.W potentially unwanted application
Platform Profile	Riskware is a term for potentially unwanted or dangerous software programs that do not fall under Adware. They could be legitimate software applications that may be misused and pose possible security risks to users.
Profile Type	Trojan