W32/Delf!tr
Analysis
- Trojan is 32-bit with a compressed file size of 17,920 bytes
- Trojan may have been installed by W32/Sobig-mm
- Trojan functions as a keylogger, recording keys typed on the keyboard to a file for use by a remote access Trojan component
- Trojan may exist as the file name "ndrbk32.dll" or other .DLL file name in the Windows\System folder
Recommended Action
Check the main screen of the web interface for your FortiGate unit to ensure that the latest AV/NIDS database has been downloaded and installed on your system. If required, enable the "Allow Push Update" option.
Detection Availability
Product | Availability |
---|---|
FortiGate | Extreme |
FortiClient | Extended |
FortiMail | Extended |
FortiSandbox | Extended |
FortiWeb | Extended |
Web Application Firewall | Extended |
FortiIsolator | Extended |
FortiDeceptor | Extended |
FortiEDR | |