WM/TrojanDownloader.7A51!tr
Analysis
WM/TrojanDownloader.7A51!tr is a generic detection for a type of macro trojan that has been observed to download and run the Papras malware which was designed to steal banking credentials. Since this is a generic detection, files that are detected as WM/TrojanDownloader.7A51!tr may have varying behavior.
Below are examples of some of these behavior:
- It attempts to download the following file:
- hxxp://soc{Removed}.com/system/logs/office.exe
Recommended Action
- Make sure that your FortiGate/FortiClient system is using the latest AV database.
- Quarantine/delete files that are detected and replace infected files with clean backup copies.
Telemetry
Detection Availability
FortiGate | |
---|---|
Extended | |
FortiClient | |
FortiMail | |
FortiSandbox | |
FortiWeb | |
Web Application Firewall | |
FortiIsolator | |
FortiDeceptor | |
FortiEDR |