W32/Genome.LNEJ!tr.dldr
Analysis
W32/Genome.LNEJ!tr.dldr is a generic detection for a type of trojan that downloads malicious files to the compromised computer; the downloaded files may exhibit further malicious behaviour. Since this is a generic detection, malware detected as W32/Genome.LNEJ!tr.dldr may vary in behavior.
Below are examples of some of these behaviors:
- Attempts to access certain URLs such as the following to download files:
  - bi.do{Removed}.com
  - storage.go{Removed}.com
  - crl.user{Removed}.com
  - crl.como{Removed}.com
Recommended Action
- Make sure that your FortiGate/FortiClient system is using the latest AV database.
- Quarantine/delete files that are detected and replace infected files with clean backup copies.
Detection Availability
Product | Availability |
---|---|
FortiGate | Extreme |
FortiClient | Extended |
FortiMail | Extended |
FortiSandbox | Extended |
FortiWeb | Extended |
Web Application Firewall | Extended |
FortiIsolator | Extended |
FortiDeceptor | Extended |
FortiEDR | |