W32/Agent.NAN!tr
Analysis
W32/Agent.NAN!tr - 06-04-27
General Info:
This threat is a "PE" executable file
Files:
- Drop files: ".dll"
Installation to System:
- Drops the following files:
C:\Documents and Settings\All Users\Documents\Settings\ur32krutik6666.dll - And creates these registry entries:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ur32krutik6666reg
Telemetry
Detection Availability
FortiGate | |
---|---|
Extreme | |
FortiClient | |
Extended | |
FortiMail | |
Extended | |
FortiSandbox | |
Extended | |
FortiWeb | |
Extended | |
Web Application Firewall | |
Extended | |
FortiIsolator | |
Extended | |
FortiDeceptor | |
Extended | |
FortiEDR |