W32/Agent.NAB!tr
Analysis
- undefinedSYSTEMundefined\adirss.exe
- key: HKLM\Software\Microsoft\Windows\CurrentVersion\Run
- value: sysinter
- data: undefinedSYSTEMundefined\adirss.exe
- netsh firewall set allowedprogram "undefinedSYSTEMundefined\adirss.exe" enable
Recommended Action
-
FortiGate Systems
- Check the main screen using the web interface for your FortiGate unit to ensure that the latest AV/NIDS database has been downloaded and installed on your system - if required, enable the "Allow Push Update" option.
Telemetry
Detection Availability
FortiClient | |
---|---|
Extreme | |
FortiMail | |
Extreme | |
FortiSandbox | |
Extreme | |
FortiWeb | |
Extreme | |
Web Application Firewall | |
Extreme | |
FortiIsolator | |
Extreme | |
FortiDeceptor | |
Extreme | |
FortiEDR |