W32/Mitglieder.VO!tr
Analysis
- undefinedSystemundefined\[random].exe
- hidn2.exe
- hldrrr.exe
- key: HKCU\Software\Microsoft\Windows\CurrentVersion\Run
- value: drv_st_key
- data: C:\Documents and Settings\[user]\hidn\ hidn2.exe
- key: HKLM\Software\Microsoft\Windows\CurrentVersion\Run
- value: drv_st_key
- data: C:\Documents and Settings\[user]\hidn\ hidn2.exe
- Email format:
- Subject:
- Body:
- Attachment: price_list.zip
price
It Is Protected Passwrd: [a GIF file]
Recommended Action
-
FortiGate Systems
- Check the main screen using the web interface for your FortiGate unit to ensure that the latest AV/NIDS database has been downloaded and installed on your system - if required, enable the "Allow Push Update" option.
Telemetry
Detection Availability
FortiGate | |
---|---|
Extreme | |
FortiClient | |
Extended | |
FortiMail | |
Extended | |
FortiSandbox | |
Extended | |
FortiWeb | |
Extended | |
Web Application Firewall | |
Extended | |
FortiIsolator | |
Extended | |
FortiDeceptor | |
Extended | |
FortiEDR |