W32/Wanna.D!tr
Analysis
W32/Wanna.D!tr is a generic detection for a variant of the WannaCry ransomware. For more information, please see the description for W32/WannaCryptor!tr.
Recommended Action
- Make sure that your FortiGate/FortiClient system is using the latest AV database./li>
- Quarantine/delete files that are detected and replace infected files with clean backup copies.
- Download and install the patch for the Microsoft Windows SMB Server Vulnerability at https://technet.microsoft.com/library/security/MS17-010.
Telemetry
Detection Availability
FortiGate | |
---|---|
FortiClient | |
FortiAPS | |
FortiAPU | |
FortiMail | |
FortiSandbox | |
FortiWeb | |
Web Application Firewall | |
FortiIsolator | |
FortiDeceptor | |
FortiEDR |
Version Updates
Date | Version | Detail |
---|---|---|
2021-08-24 | 88.00605 | |
2021-06-11 | 86.00844 | |
2021-04-05 | 85.00226 | |
2021-01-22 | 83.47000 | Sig Updated |
2020-12-03 | 82.28000 | Sig Updated |
2020-10-23 | 81.29400 | Sig Updated |
2020-10-23 | 81.29100 | Sig Updated |
2020-10-22 | 81.28900 | Sig Updated |
2020-10-22 | 81.28800 | Sig Updated |
2020-10-16 | 81.13400 | Sig Updated |