W32/MyDoom.M@mm
Analysis
- key: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
- value: Traybar
- data: %WINDOWS%\lsass.exe
- rctrl_renwnd32
- ATH_Note
- IEFrame
Network Propagation
- incoming
- ftproot
- download
- shar
[Filename] is one of the following:
- index
- Kazaa Lite
- Harry Potter
- ICQ 4 Lite
- WinRAR.v.3.2.and.key
- Winamp 5.0 (en) Crack
- Winamp 5.0 (en)
- ShareReactor
- exe
- com
- scr
Email Propagation
Subject: One of the following:
- report
- Server Report
- hello
- picture
- Status
- test
- Error
- Mail Delivery System
- Mail Transaction Failed
- Mail server report
- The message contains Unicode characters and has been sent as a binary attachment.
- Mail transaction failed. Partial message is available.
- The message cannot be represented in 7-bit ASCII encoding and has been sent as a binary attachment.
[Filename] can be any one of the following:
- message
- document
- attachment
- text
- file
- letter
- transcript
- readme
- cmd
- bat
- pif
- scr
- exe
Recommended Action
FortiGate Systems
- Check the main screen using the web interface for your FortiGate unit to ensure that the latest AV/NIDS database has been downloaded and installed on your system - if required, enable the "Allow Push Update" option.
Detection Availability
FortiGate | |
---|---|
FortiClient | |
FortiAPS | |
FortiAPU | |
FortiMail | |
FortiSandbox | |
FortiWeb | |
Web Application Firewall | |
FortiIsolator | |
FortiDeceptor | |
FortiEDR |
Version Updates
Date | Version | Detail |
---|---|---|
2022-05-11 | 90.02205 | |
2022-05-11 | 90.02204 | |
2021-08-17 | 88.00428 | |
2021-06-01 | 86.00601 | |
2021-01-05 | 83.07500 | Sig Updated |
2020-11-24 | 82.07300 | Sig Updated |
2020-10-16 | 81.12600 | Sig Updated |
2020-09-10 | 80.26600 | Sig Updated |
2019-08-20 | 71.01900 | Sig Updated |
2019-07-04 | 69.74600 | Sig Updated |