JS/Nemucod.DAG!tr.dldr
Analysis
JS/Nemucod.DAG!tr.dldr is a generic detection for a downloader trojan. At the time of analysis, this malware managed to download a ransomware from the following URL:
- hxxp://{Removed}wokia.top/admin.php?f=404
Recommended Action
- Make sure that your FortiGate/FortiClient system is using the latest AV database.
- Quarantine/delete files that are detected and replace infected files with clean backup copies.
Telemetry
Detection Availability
FortiClient | |
---|---|
Extreme | |
FortiMail | |
Extreme | |
FortiSandbox | |
Extreme | |
FortiWeb | |
Extreme | |
Web Application Firewall | |
Extreme | |
FortiIsolator | |
Extreme | |
FortiDeceptor | |
Extreme | |
FortiEDR |
Version Updates
Date | Version | Detail |
---|---|---|
2020-08-18 | 79.72000 | Sig Updated |