Malware_fam.A

Analysis


  • This is a generic detection for files that appear to resemble a trojan. Files identified should be sent to Fortinet for research and analysis.

  • The detection is based on features or characteristics of the file such as its encryption algorithm, restrictions on file size, section sizes and so on.

  • Some common examples of the behavior of these files are:
    • Create autostart registry entries
    • Download a component of itself and execute it
    • Install a bot component to enable remote access of the infected host
    • Connect to a remote site
    • May have the ability to update itself or its download components
    • Exploit a known Windows vulnerability to spread itself


Recommended Action

    FortiGate Systems
  • In the web interface of your FortiGate unit, check the main screen to confirm that the latest AV/NIDS database has been downloaded and installed on your system. If required, enable the "Allow Push Update" option.
    FortiClient Systems
  • Quarantine/delete files that are detected and replace infected files with clean backup copies.

Detection Availability

FortiGate
Extended
FortiClient
FortiMail
FortiSandbox
FortiWeb
Web Application Firewall
FortiIsolator
FortiDeceptor
FortiEDR

Version Updates

Date Version Detail
2023-10-15 91.07907
2022-05-25 90.02622
2022-01-25 89.09023
2020-03-27 76.26900 Sig Updated
2019-05-21 68.68100 Sig Updated
2019-04-24 68.03900 Sig Updated