MSIL/GandCrab.FOD!tr.ransom
Analysis
MSIL/GandCrab.FOD!tr.ransom is a generic detection for the GandCrab ransomware trojan.
- hxxp://www.haarg{Removed}.biz
- hxxp://www.2mmotor{Removed}[.]biz
- hxxp://www.bizziniin{Removed}[.]com
For more details about this malware, please refer to W32/GandCrab.FOD!tr.ransom.
Recommended Action
- Make sure that your FortiGate/FortiClient system is using the latest AV database.
- Quarantine/delete files that are detected and replace infected files with clean backup copies.
Telemetry
Detection Availability
FortiGate | |
---|---|
Extended | |
FortiClient | |
FortiMail | |
FortiSandbox | |
FortiWeb | |
Web Application Firewall | |
FortiIsolator | |
FortiDeceptor | |
FortiEDR |
Version Updates
Date | Version | Detail |
---|---|---|
2018-12-18 | 64.98900 | Sig Updated |
2018-12-12 | 64.84900 | Sig Updated |
2018-12-12 | 64.84500 | Sig Updated |
2018-12-11 | 64.82600 | Sig Updated |
2018-12-11 | 64.82100 | Sig Updated |
2018-12-07 | 64.72900 | Sig Updated |
2018-12-07 | 64.72400 | Sig Updated |
2018-12-06 | 64.70700 | Sig Updated |
2018-11-28 | 64.50900 | Sig Updated |