virus logo Virus

W32/Small.PRL!tr

description-logoAnalysis


  • Creates a copy of itself to the Temporary folder using a randomized file name.

  • Attempts to download malicious files from the certain URLs, such as the following:
    • http://dcm{Removed}ces.com/egg/rchp.exe

    It saves the downloaded file to the Temporary folder with a randomized file name, then executes it.

recommended-action-logoRecommended Action

    FortiGate Systems
  • Check the main screen using the web interface for your FortiGate unit to ensure that the latest AV/NIDS database has been downloaded and installed on your system - if required, enable the "Allow Push Update" option.
    FortiClient Systems
  • Quarantine/delete files that are detected and replace infected files with clean backup copies.

Telemetry logoTelemetry

Detection Availability

FortiGate
Extended
FortiClient
FortiMail
FortiSandbox
FortiWeb
Web Application Firewall
FortiIsolator
FortiDeceptor
FortiEDR

Version Updates

Date Version Detail
2022-10-18 90.07000
2022-09-27 90.06380
2022-09-14 90.05987
2022-05-03 90.01962
2022-02-28 90.00046
2022-02-28 90.00044
2022-02-28 90.00043
2022-02-28 90.00042
2022-02-28 90.00036
2022-02-28 90.00035
ID 5463832
Released Aug 29, 2013
Description
Updated		 Sep 17, 2013
Aliases Win32/TrojanDownloader.Small.PRL (NOD32)
Platform Profile Win32 file format / PE 32 bit