W32/Heye.EKU!tr.pws
Analysis
W32/Heye.EKU!tr.pws is classified as a password-stealing trojan.
A password-stealing trojan searches the infected system for passwords and sends them to a remote attacker.
The Fortinet Antivirus Analyst Team is constantly updating our descriptions. Please check the FortiGuard Encyclopedia regularly for updates.
Recommended Action
- Make sure that your FortiGate/FortiClient system is using the latest AV database.
- Quarantine/delete files that are detected and replace infected files with clean backup copies.
Telemetry
Detection Availability
FortiClient | |
---|---|
Extreme | |
FortiMail | |
Extreme | |
FortiSandbox | |
Extreme | |
FortiWeb | |
Extreme | |
Web Application Firewall | |
Extreme | |
FortiIsolator | |
Extreme | |
FortiDeceptor | |
Extreme | |
FortiEDR |
Version Updates
Date | Version | Detail |
---|---|---|
2019-10-29 | 72.68400 | Sig Updated |
2019-09-17 | 71.67600 | Sig Updated |
2019-09-05 | 71.39200 | Sig Updated |
2019-08-06 | 70.52400 | Sig Updated |
2019-04-23 | 68.01000 | Sig Updated |
2019-03-18 | 67.14100 | Sig Updated |
2019-03-13 | 67.02500 | Sig Updated |
2019-03-05 | 66.83600 | Sig Updated |
2019-02-05 | 66.17700 | Sig Updated |
2019-02-04 | 66.14300 | Sig Updated |