W32/VB.AS!worm.im
Analysis
- %Windows%\dc.exe
- %Windows%\SVIQ.EXE
- %Windows%\Help\Other.exe
- %Windows%\inf\Other.exe
- %System%\Fun.exe
- %System%\WinSit.exe
- %System%\config\Win.exe
- key: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
- value: dc2k5
- data: "%Windows%\SVIQ.EXE"
- key: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
- value: Fun
- data: "%System%\Fun.exe"
- key: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
- value: dc
- data: "%Windows%\dc.exe"
Recommended Action
FortiGate Systems
- Check the main screen using the web interface for your FortiGate unit to ensure that the latest AV/NIDS database has been downloaded and installed on your system - if required, enable the "Allow Push Update" option.
Detection Availability
FortiGate | |
---|---|
Extended | |
FortiClient | |
FortiMail | |
FortiSandbox | |
FortiWeb | |
Web Application Firewall | |
FortiIsolator | |
FortiDeceptor | |
FortiEDR |