HTML/Redirector.IK!tr
Analysis
HTML/Redirector.IK!tr is a detection for an Phishing trojan.
- Following are some of the near/exact IOCs/file hash associated with this detection:
- 3aa633c0a95c9c0860055bcd02912f7f
- efc188b6dc98e5f6326a68e689b7c435
- This malware seems to be redirecting to a certain cloake[Removed].php, whereas also most of the malware instances we observed seems to mimic notification as Qantas or Online Banking.
Recommended Action
- Make sure that your FortiGate/FortiClient system is using the latest AV database.
- Quarantine/delete files that are detected and replace infected files with clean backup copies.
Telemetry
Detection Availability
FortiGate | |
---|---|
FortiClient | |
FortiAPS | |
FortiAPU | |
FortiMail | |
FortiSandbox | |
FortiWeb | |
Web Application Firewall | |
FortiIsolator | |
FortiDeceptor | |
FortiEDR |