VirusW32/Wanna.D!tr
Analysis
W32/Wanna.D!tr is a generic detection for a variant of the WannaCry ransomware. For more information, please see the description for W32/WannaCryptor!tr.
Recommended Action
- Make sure that your FortiGate/FortiClient system is using the latest AV database./li>
- Quarantine/delete files that are detected and replace infected files with clean backup copies.
- Download and install the patch for the Microsoft Windows SMB Server Vulnerability at https://technet.microsoft.com/library/security/MS17-010.
Telemetry
Detection Availability
| FortiGate | |
|---|---|
| FortiClient | |
| FortiAPS | |
| FortiAPU | |
| FortiMail | |
| FortiSandbox | |
| FortiWeb | |
| Web Application Firewall | |
| FortiIsolator | |
| FortiDeceptor | |
| FortiEDR |
Version Updates
| Date | Version | Detail |
|---|---|---|
| 2021-08-24 | 88.00605 | |
| 2021-06-11 | 86.00844 | |
| 2021-04-05 | 85.00226 | |
| 2021-01-22 | 83.47000 | Sig Updated |
| 2020-12-03 | 82.28000 | Sig Updated |
| 2020-10-23 | 81.29400 | Sig Updated |
| 2020-10-23 | 81.29100 | Sig Updated |
| 2020-10-22 | 81.28900 | Sig Updated |
| 2020-10-22 | 81.28800 | Sig Updated |
| 2020-10-16 | 81.13400 | Sig Updated |