W32/STRAT.EQ!tr

Alias/esEmail-Worm.Win32.Warezov.eu, TROJ_STRAT.EQ, W32/Strati-Gen, W32/Warezov.FC, W32/Warezov.gen3!W32DL, Win32.Warezov.DO@mm, Win32/Stration.LZ
Release DateOct 26, 2006
Detection Availability
Active DatabaseExtended Database
FortiGatelowhigh
FortiClient
FortiMailN/A
Current Antivirus Definition Database Version: 11.584
Description

Visible Symptoms

  • Possible firewall alert that an executable is attempting to connect to the internet.
  • System is also infected with W32/Stration.DS@mm.
  • A fake error message box is displayed.

Detailed Analysis

  • Displays the following message box:
    Title: Error
    Message: Unknown error
  • Downloads a file from the following URL, then executes it:
    http://www6.fand[REMOVED]nha.com/chr/829/nt.exe
    This file is detected as W32/Stration.DS@mm.
Reference: ID - 300640