Below are examples of some of these behavior:
- It downloads the following file:
- undefinedTempundefined\tmp702677.446 : This file is detected as W32/Androm.E!tr.bdr.
- It attempts to connect to the following URLs:
- Make sure that your FortiGate/FortiClient system is using the latest AV database.
- Quarantine/delete files that are detected and replace infected files with clean backup copies.