This application requires Javascript for optimal performance.

W32/Small.FG!tr.dldr - Released Oct 08, 2006

Alias/es

Trojan-Downloader.Win32.Small.fg, Troj/Small-AUW, TROJ_SMALL.FG

Detection Availability

Active DatabaseExtended Database
FortiGate
low
high
FortiClient
FortiMail N/A

Visible Symptoms

  • The file "tcpip32.exe" may exist in the %WINDOWS% folder.
  • Possible firewall alert that an executable attempting to connect to the Internet.

    • Detailed Analysis

    W32/Small.FG!tr.dldr - 06-10-08


    More Info:

  • Creates the following registry key:
    • HKLM\SOFTWARE\tcpip32\1005
  • Downloads malicious file from the following URL:
    • http:\\download.{REMOVED}.info\packages\tcpip32.exe
    saves it as %WINDOWS%\tcpip32.exe and executes.

    Reference: ID - 88833