| ID | 62227 |
| Released | Dec 30, 2005 |
| Description Updated | Mar 13, 2007 |
Detection Availability
| FortiGate | |
|---|---|
| Extended |
|
| FortiClient |
|
| FortiMail |
|
| FortiSandbox |
|
| FortiWeb |
|
| Web Application Firewall |
|
| FortiIsolator |
|
| FortiDeceptor |
|
| FortiEDR |
|
Threat Profile
Aliases:- AdClicker-BA.dldr trojan [McAfee]
- Trojan-Downloader.Win32.Small.bnd [KAV]
Adware typically display advertising content to the user. This advertising content may take many forms, but is typically in the form of web browser pop-up advertisements. In most circumstances, the user is not aware of the Adware component being installed on the local machine.
Update History
| Date | Version | Detail |
|---|---|---|
| 2023-04-26 | 91.02730 | |
| 2023-03-23 | 91.01697 | |
| 2023-03-21 | 91.01630 | |
| 2023-03-12 | 91.01356 | |
| 2023-03-07 | 91.01211 | |
| 2023-03-03 | 91.01083 | |
| 2023-02-16 | 91.00651 | |
| 2023-02-16 | 91.00640 | |
| 2023-02-11 | 91.00496 | |
| 2023-01-29 | 91.00090 |
Refine Search
Threat Encyclopedia
Adware/Small
Analysis
This downloader Trojan is compact, with a file size of 7,680 bytes. It is coded to connect to four different web sites in an attempt to download a binary program named "silent_install.exe".
The file downloaded is identified by current AV db as "AdClicker.BA-dr".
This Trojan attempts to connect with the following domains in order to dowload the binary -
quicksearch360.com
ezwebsearching.com
search123forme.com
update.yupsearch.com
searchmiracle.com
Recommended Action
- check the main screen using the web interface to
ensure the latest AV/NIDS database has been downloaded
and installed -- if required, enable the "Allow
Push Update" option
FortiGate systems:
