W32/Brontok.D@mm
Analysis
W32/Brontok.D@mm - 06-10-06
More Info:
- C:\Documents and Settings\[user]\Local Settings\Application Data\csrss.exe
- C:\Documents and Settings\[user]\Local Settings\Application Data\inetinfo.exe
- C:\Documents and Settings\[user]\Local Settings\Application Data\lsass.exe
- C:\Documents and Settings\[user]\Local Settings\Application Data\services.exe
- C:\Documents and Settings\[user]\Local Settings\Application Data\smss.exe
- C:\Documents and Settings\[user]\Local Settings\Application Data\svchost.exe
- c:\windows\system32\cmd-bro-mmx.exe
- key: HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer
  - value: NoFolderOptions
  - data: 1
- key: HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System
  - value: DisableCMD
  - data: 0
- key: HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced
  - value: Hidden
  - data: 0
- key: HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced
  - value: HideFileExt
  - data: 1
- key: HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced
  - value: ShowSuperHidden
  - data: 0
Detection Availability
FortiGate | |
---|---|
FortiClient | |
FortiAPS | |
FortiAPU | |
FortiMail | |
FortiSandbox | |
FortiWeb | |
Web Application Firewall | |
FortiIsolator | |
FortiDeceptor | |
FortiEDR | |
Version Updates
Date | Version | Detail |
---|---|---|
2023-09-25 | 91.07290 | |
2020-05-05 | 77.20300 | Sig Updated |
2020-04-28 | 77.03500 | Sig Updated |
2020-02-26 | 75.54000 | Sig Updated |
2020-02-24 | 75.51500 | Sig Updated |
2019-11-25 | 73.33700 | Sig Updated |
2019-10-23 | 72.53400 | Sig Updated |
2019-10-23 | 72.53300 | Sig Updated |
2019-10-23 | 72.53200 | Sig Updated |
2019-08-06 | 70.52600 | Sig Updated |