virus logo Virus

JS/Kryptik.AOG!tr

description-logoAnalysis


 JS/Kryptik.AOG!tr is a generic detection for a type of obfuscated JavaScript trojan that uses a certain function to decode itself. When the decoded codes are executed, it redirects the web browser to other sites that may contain malicious content.

  • Examples of web sites that this malware redirects to are the following:
    • http://infin{Removed}.com/images/cnGbDtCm.php
    • http://www.rhon{Removed}.org/7KXJ6khc.php
    • http://8164e5d74f4e0855.lo{Removed}.jp/js/4cCvQzdy.php
    • http://trin{Removed}.com/vwDhY73V.php

recommended-action-logoRecommended Action

    FortiGate Systems
  • Check the main screen using the web interface for your FortiGate unit to ensure that the latest AV/NIDS database has been downloaded and installed on your system - if required, enable the "Allow Push Update" option.
    FortiClient Systems
  • Quarantine/delete files that are detected and replace infected files with clean backup copies.

Telemetry logoTelemetry

Detection Availability

FortiClient
Extreme
FortiMail
Extreme
FortiSandbox
Extreme
FortiWeb
Extreme
Web Application Firewall
Extreme
FortiIsolator
Extreme
FortiDeceptor
Extreme
FortiEDR

Version Updates

Date Version Detail
2021-08-02 88.00076
2021-06-03 86.00651
2020-04-07 76.53400 Sig Updated
2020-03-04 75.71900 Sig Updated
2020-01-09 74.40100 Sig Updated
2019-12-02 73.49500 Sig Added
ID 5590991
Released Sep 25, 2013
Description
Updated		 Jan 28, 2014
Aliases Exploit.JS.Pdfka.gkj, JS/Exploit-Blacole.gc trojan, Troj/Iframe-JH, JS/Kryptik.AOG trojan, JS/Exploit JS_BLACOLE.AAE, JS:Exploit.JS.Blacole.Z
Platform Profile Java Script