Adware/Small

description-logoAnalysis

This downloader Trojan is compact, with a file size of 7,680 bytes. It is coded to connect to four different web sites in an attempt to download a binary program named "silent_install.exe".

The file downloaded is identified by current AV db as "AdClicker.BA-dr".

This Trojan attempts to connect with the following domains in order to dowload the binary -

quicksearch360.com
ezwebsearching.com
search123forme.com
update.yupsearch.com
searchmiracle.com

recommended-action-logoRecommended Action


    FortiGate systems:
  • check the main screen using the web interface to ensure the latest AV/NIDS database has been downloaded and installed -- if required, enable the "Allow Push Update" option

Telemetry logoTelemetry

Detection Availability

FortiGate
Extended
FortiClient
FortiMail
FortiSandbox
FortiWeb
Web Application Firewall
FortiIsolator
FortiDeceptor
FortiEDR

Version Updates

Date Version Detail
2024-04-08 92.03200
2024-03-25 92.02782
2024-03-25 92.02774
2024-03-18 92.02564
2024-02-19 92.01722
2024-02-16 92.01634
2024-02-05 92.01302
2024-02-04 92.01260
2024-01-30 92.01113
2024-01-08 92.00456