Virus

W32/Agent.NAN!tr

Analysis

W32/Agent.NAN!tr - 06-04-27

General Info:

This threat is a "PE" executable file

Files:

Drop files: ".dll"

Installation to System:

Drops the following files:
C:\Documents and Settings\All Users\Documents\Settings\ur32krutik6666.dll
And creates these registry entries:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ur32krutik6666reg

Detection Availability

FortiGate
Extreme
FortiClient
Extended
FortiMail
Extended
FortiSandbox
Extended
FortiWeb
Extended
Web Application Firewall
Extended
FortiIsolator
Extended
FortiDeceptor
Extended
FortiEDR

Version Updates

Date	Version	Detail
2022-03-29	90.00912
2022-01-20	89.08867
2021-02-09	83.91300	Sig Updated
2020-11-25	82.10100	Sig Added
2019-08-27	71.17600	Sig Updated
2019-07-27	70.28100	Sig Added

ID	166624
Released	Apr 10, 2006
Description Updated	Apr 10, 2006
Aliases	Win32/Agent.NAN trojan, trojan or variant New Malware.n
Platform Profile	Win32 file format / PE 32 bit