W32/PackGamania.A!tr

description-logoAnalysis

W32/PackGamania.A!tr are malware files packed by a private packer resembling ASPack. Its main purpose is to steal information such as passwords used for the Gamania online game.

The malware has the following behavior when executed :

  • Copies itself in the undefinedsystemundefined folder.
  • Deletes itself from the folder where the user executed the malware
  • Sometimes opens a "clean" file such as a picture to let the user think that it is not malicious.

recommended-action-logoRecommended Action

    FortiGate Systems
  • Check the main screen using the web interface for your FortiGate unit to ensure that the latest AV/NIDS database has been downloaded and installed on your system - if required, enable the "Allow Push Update" option.
    FortiClient Systems
  • Quarantine/delete files that are detected and replace infected files with clean backup copies.

Telemetry logoTelemetry

Detection Availability

FortiGate
Extended
FortiClient
FortiMail
FortiSandbox
FortiWeb
Web Application Firewall
FortiIsolator
FortiDeceptor
FortiEDR

Version Updates

Date Version Detail
2019-05-07 68.34600 Sig Updated
2019-05-03 68.25100 Sig Updated
2019-05-03 68.25000 Sig Updated