WM/TrojanDownloader.7A51!tr

description-logoAnalysis


WM/TrojanDownloader.7A51!tr is a generic detection for a type of macro trojan that has been observed to download and run the Papras malware which was designed to steal banking credentials. Since this is a generic detection, files that are detected as WM/TrojanDownloader.7A51!tr may have varying behavior.
Below are examples of some of these behavior:

  • It attempts to download the following file:
    • hxxp://soc{Removed}.com/system/logs/office.exe

recommended-action-logoRecommended Action

  • Make sure that your FortiGate/FortiClient system is using the latest AV database.
  • Quarantine/delete files that are detected and replace infected files with clean backup copies.

Telemetry logoTelemetry

Detection Availability

FortiGate
Extended
FortiClient
FortiMail
FortiSandbox
FortiWeb
Web Application Firewall
FortiIsolator
FortiDeceptor
FortiEDR

Version Updates

Date Version Detail
2019-05-03 68.25100 Sig Added
2019-05-03 68.25000 Sig Updated
2019-01-01 65.33600 Sig Added
2019-01-01 65.33000 Sig Updated
2018-12-21 65.07000 Sig Added
2018-12-21 65.06900 Sig Updated