Botnet C&C

Analysis

The Cidox botnet targets the Windows platform.

The malware is injected into running processes such as explorer.exe, svchost.exe, and chrome.exe. It hooks several functions within the injected process for redirecting to unwanted links.

This bot also gathers the basic information from the infected machine and communicates with its C&C server.

Instructions

Make sure that your FortiGate/FortiClient system is using the latest AV database.
Quarantine/delete files that are detected and replace infected files with clean backup copies.

ID	7629725
Created	Feb 03, 2015
Description Updated	Sep 11, 2019
Platform	Win32

Protect

Detect

Respond

Recover

Identify

Network Security

Endpoint Security

Application Security

Security Operations

Cidox

Analysis

Instructions

Telemetry

News/Research

Research Center

PSIRT Center

Services

By Outbreak

By Solution

By Product

Protect

Detect

Respond

Recover

Identify

Network Security

Endpoint Security

Application Security

Security Operations

Threat Intelligence Center

Resource Center

About

FortiGuard Labs

Partners

Botnet C&C

Cidox

Analysis

Instructions

Telemetry

Threat Intelligence
Center