W32/VB.F!tr
Analysis
W32/VB.F!tr - 06-04-04
General Info:
This threat is a "PE" executable file, with file size 86016
Files:
- Copies itself to: undefinedSystemRootundefined/undefinedWinDirundefined
Installation to System:
- When run, it copies itself to:
undefinedSystem Folderundefined - And creates these registry entries:
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run Patcher = "undefinedSystem Folderundefined\scvhost.exe"
Telemetry
Detection Availability
FortiGate | |
---|---|
Extended | |
FortiClient | |
FortiMail | |
FortiSandbox | |
FortiWeb | |
Web Application Firewall | |
FortiIsolator | |
FortiDeceptor | |
FortiEDR |