This application requires Javascript for optimal performance.

W32/Stration.FR@mm - Released Nov 07, 2006 - Last Updated Mar 13, 2007

Alias/es

Email-Worm.Win32.Warezov.fh, Troj/StraDr-Gen, TROJ_STRAT.FN, W32/StraDr.FN!tr, W32/Warezov.gen4, Win32/Stration

Detection Availability

	Active Database	Extended Database
FortiGate		low high
FortiClient
FortiMail		N/A

Visible Symptoms

The file aaaaaaaaaa.exe exists in the System folder.
System is also infected with W32/Stration.DT@mm and W32/Stration.DS@mm.

Detailed Analysis

Samples are packed with UPX.
Drops the file aaaaaaaaaa.exe in the System folder, and executes it. This file is detected as W32/Stration.DT@mm. It downloads a file from a remote web site and saves it with a temporary filename into the Temporary folder. This downloaded file is detected as W32/Stration.DS@mm.

Recommended Action

FortiGate Systems

Check the main screen using the web interface for your FortiGate unit to ensure that the latest AV/NIDS database has been downloaded and installed on your system - if required, enable the "Allow Push Update" option.

Reference: ID - 306125

Current Threat Level

Vulnerabilities

Virus/Spyware

Spam

PGP Keys

Contact Form

Copyright © 2011 Fortinet Inc. All Rights Reserved