W32/Bifrose.D!tr.bdr
Analysis
W32/Bifrose.D!tr.bdr - 06-10-05
More Info:
- System.exe
- Plugin1.dat
- key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
- value: system
- data: c:\windows\system.exe
- key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
- value: system
- data: c:\windows\system32\system.exe
- key: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
- value: system
- data: c:\windows\system32\system.exe
- key: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
- value: system
- data: c:\windows\system.exe
- key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{9B71D88C-C598-4935-C5D1-43AA4DB90836}
- value: stubpath
- data: c:\windows\system.exe
- key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{9B71D88C-C598-4935-C5D1-43AA4DB90836}
- value: stubpath
- data: c:\windows\system32\system.exe
Telemetry
Detection Availability
FortiGate | |
---|---|
Extended | |
FortiClient | |
FortiMail | |
FortiSandbox | |
FortiWeb | |
Web Application Firewall | |
FortiIsolator | |
FortiDeceptor | |
FortiEDR |