virus logo Virus

W32/Agent.HI!tr

description-logoAnalysis

This downloader Trojan attempts to connect to the site 'maxmind.com' and 'elitemedia.net' in order to log IP address of the infected system, and download additional binary files.

recommended-action-logoRecommended Action


    FortiGate systems:
  • check the main screen using the web interface to ensure the latest AV/NIDS database has been downloaded and installed -- if required, enable the "Allow Push Update" option

Telemetry logoTelemetry

Detection Availability

FortiGate
Extreme
FortiClient
Extended
FortiMail
Extended
FortiSandbox
Extended
FortiWeb
Extended
Web Application Firewall
Extended
FortiIsolator
Extended
FortiDeceptor
Extended
FortiEDR

Version Updates

Date Version Detail
2023-08-08 91.05844
2023-06-15 91.04221
2023-05-09 91.03106
2023-03-26 91.01794
2022-08-09 90.04916
2022-07-12 90.04092
2022-06-17 90.03342
2022-05-20 90.02470
2019-08-27 71.17600 Sig Updated
2019-07-20 70.11500 Sig Added
ID 40726
Released May 12, 2006
Description
Updated		 Mar 13, 2007
Aliases Downloader-VF trojan [McAfee], PSW.Agent.ZN [AVG], Spyware/Media-motor [Panda], Trojan-Spy.Win32.Agent.hi [KAV], W32/Agent.HI!tr
Platform Profile Win32 file format / PE 32 bit