virus logo Virus

W32/Sunburst.A!tr

description-logoAnalysis

W32/Sunburst.A!tr is a generic detection for a trojan that was involved in the high profile SolarWinds Orion and Fireeye incidence affecting multiple organizations worldwide.
More details about this indidence on Supply Chain Attack on SolarWinds Orion Platform

recommended-action-logoRecommended Action

  • Make sure that your FortiGate/FortiClient system is using the latest AV database.
  • Quarantine/delete files that are detected and replace infected files with clean backup copies.

Detection Availability

FortiGate
FortiClient
FortiAPS
FortiAPU
FortiMail
FortiSandbox
FortiWeb
Web Application Firewall
FortiIsolator
FortiDeceptor
FortiEDR

Version Updates

Date Version Detail
2024-11-18 92.08896
2024-08-21 92.06732
2023-12-08 91.09537
2023-07-25 91.05424
2021-12-07 89.07553
2021-08-04 88.00129
2021-08-03 88.00101
2021-07-06 87.00429
2021-06-29 87.00261
2021-05-19 86.00293
ID 8279742
Released Dec 15, 2020
Description
Updated		 Jan 07, 2021
Aliases Backdoor.Win32.SUNBURST.A,Backdoor.MSIL.Sunburst.d,HEUR:Backdoor.MSIL.SunBurst.gen
Platform Profile Win32 file format / PE 32 bit
Profile Type Trojan