virus logo Virus

MSIL/AndroxGhost.HACK!tr

description-logoAnalysis

MSIL/AndroxGhost.HACK!tr is classified as a trojan.
A trojan is a type of malware that performs activites without the user’s knowledge.
Below are some of its observed characteristics/behaviours:

  • This malware is related to the AndroxGhost outbreak.

  • This malware is a hack tool. Attackers may leverage this tool to steal sensitive data, such as access keys. The compromised credentials may then be used in malicious ways such as phishing, spamming, or malicious email campaigns.

  • Following are some of the exact file hashes associated with this detection:
    • Md5: 04d665daefd085054664799a799410ac
      Sha256: 319e572856a098f7beb8a07a4955e2ba823e24e31b84dfdd714bfcd5acf47a28

recommended-action-logoRecommended Action

  • Make sure that your FortiGate/FortiClient system is using the latest AV database.
  • Quarantine/delete files that are detected and replace infected files with clean backup copies.

Telemetry logoTelemetry

Detection Availability

FortiGate
Extended
FortiClient
Extreme
FortiAPS
FortiAPU
FortiMail
Extreme
FortiSandbox
Extreme
FortiWeb
Extreme
Web Application Firewall
Extreme
FortiIsolator
Extreme
FortiDeceptor
Extreme
FortiEDR

Version Updates

Date Version Detail
2023-11-20 91.08976
2023-01-27 91.00036
ID 10121809
Released Jan 27, 2023
Description
Updated		 Jan 27, 2023
Aliases Trojan-Spy.MSIL.Stealer.gen
Platform Profile Microsoft Intermediate Language (used for MSIL compiled binaries)