W32/Sasfis.BLN!tr.dldr - Released Jul 05, 2010 - Last Updated Jul 07, 2010
|
Alias/esTrojan.Win32.Oficla.bt (KAV), Trojan horse Cryptic.AMB (AVG) |
Detection Availability
|
Visible Symptoms
- The following files exist:
- %Temp%\[Number].tmp
- %System%\thxr.wgo
- Possible firewall alert that an executable is attempting to connect to the internet.
|
Detailed Analysis
The behavior of this trojan is the same as W32/Sasfis.1BE6!tr.
|
Recommended ActionFortiGate Systems
- Check the main screen using the web interface for your FortiGate unit to ensure that the latest AV/NIDS database has been downloaded and installed on your system - if required, enable the "Allow Push Update" option.
FortiClient Systems
- Quarantine/delete files that are detected and replace infected files with clean backup copies.
|