Threat Encyclopedia

W32/Fareit.L!tr.pws

description-logoAnalysis


W32/Fareit.L!tr.pws is a generic detection for a trojan. Since this is a generic detection, malware that are detected as W32/Fareit.L!tr.pws may have varying behavior.
Below are examples of some of these behaviors:

  • It drops a copy of itself as undefinedAppDataundefined\[RandomName_1]\[RandomName_2].exe.

  • It deletes the original malware file upon execution.

  • The malware connects to the remote server guu{Removed}.blackfriday.

recommended-action-logoRecommended Action

  • Make sure that your FortiGate/FortiClient system is using the latest AV database.
  • Quarantine/delete files that are detected and replace infected files with clean backup copies.

Telemetry logoTelemetry