virus logo Virus

Riskware/CVE202144228

description-logoAnalysis


Riskware/CVE202144228 is a detection that has been associated with log4j vulnerability.
This malware has been associated with the following article/advisory.
CVE-2021-44228
Apache Log4J Remote Code Execution Vulnerability (CVE-2021-44228)

  • Following are some of the near/exact IOCs/file hash associated with this detection:
    • Md5: 05ad18b618d5fdd5a42843c5b67af9a5
      Sha256: 2ac32f6f69c1055eb0a5f74ff1ff9bba120a3a1ee507a5999f219fa47e21ba3e
    • Md5: 85bd665a135a7effd6907307263e1076
      Sha256: 11285de462f8148b55ed0fe3c464bf96da06f5d88ac9b8cfe5c71dc55161dcae

    • recommended-action-logoRecommended Action

    • Make sure that your FortiGate/FortiClient system is using the latest AV database.
    • Quarantine/delete files that are detected and replace infected files with clean backup copies.

    Telemetry logoTelemetry

    Detection Availability

    FortiGate
    Extended
    FortiClient
    FortiMail
    FortiSandbox
    FortiWeb
    Web Application Firewall
    FortiIsolator
    FortiDeceptor
    FortiEDR

    Version Updates

    Date Version Detail
    2023-11-20 91.08976
    2021-12-21 89.07965
    2021-12-20 89.07952
    2021-12-17 89.07863
    2021-12-17 89.07861
    2021-12-17 89.07860
    ID 10072825
    Released Dec 20, 2021
    Description
    Updated    		 Dec 17, 2021
    Aliases log4j,tsunami,CVE-2021-44228,Mirai
    Platform Profile Riskware is a term for potentially unwanted or dangerous software programs that do not fall under Adware. They could be legitimate software applications that may be misused and pose possible security risks to users.