Riskware/Agent

description-logoAnalysis


Riskware/Agent is a very generic detection for a set of executables that harbors high risk behaviors.
These are mostly composed of Installers, BHO's, Stand Alone applications, or Utilities itself that could be used to deliver unwanted components into an unsuspecting users.
Some of these applications are big files above 100MB and some are delivered in foreign languages.
Below are some of the sample effects:


    • Figure 1: BHO Installation.


    • Figure 2: Remote utility.


    • Figure 3: Another BHO.


    • Figure 4: Downloader Installation.


recommended-action-logoRecommended Action

  • Make sure that your FortiGate/FortiClient system is using the latest AV database.
  • Quarantine/delete files that are detected and replace infected files with clean backup copies.

Telemetry logoTelemetry

Detection Availability

FortiGate
FortiClient
FortiAPS
FortiAPU
FortiMail
FortiSandbox
FortiWeb
Web Application Firewall
FortiIsolator
FortiDeceptor
FortiEDR

Version Updates

Date Version Detail
2024-03-18 92.02575
2024-03-18 92.02574
2024-03-18 92.02573
2024-03-18 92.02572
2024-03-18 92.02571
2024-03-18 92.02570
2024-03-18 92.02567
2024-03-18 92.02566
2024-03-18 92.02565
2024-03-18 92.02564