Virus

W32/Vixup.F!tr

Analysis

This Trojan downloads files from the domain 'evko.biz'. The files are retrieved as

3.exe
2.exe
1.exe

and installed to the local system. The downloaded files are also Trojans that download other components.

Recommended Action


    FortiGate systems:
  • check the main screen using the web interface to ensure the latest AV/NIDS database has been downloaded and installed -- if required, enable the "Allow Push Update" option