VirusW32/Nekto.B!tr.ransom
Analysis
W32/Nekto.B!tr.ransom is classified as a ransomware trojan.
A ransomware trojan is a type of malware that prevents or restricts the infected user from accessing their system, usually by locking the screen or encrypting the user's files. It then demands payment, usually in the form of cryptocurrency, in order for the system or files to be accessible again.
The Fortinet Antivirus Analyst Team is constantly updating our descriptions. Please check the FortiGuard Encyclopedia regularly for updates.
Recommended Action
- Make sure that your FortiGate/FortiClient system is using the latest AV database.
- Quarantine/delete files that are detected and replace infected files with clean backup copies.
Telemetry
Detection Availability
| FortiGate | |
|---|---|
| Extended | |
| FortiClient | |
| FortiMail | |
| FortiSandbox | |
| FortiWeb | |
| Web Application Firewall | |
| FortiIsolator | |
| FortiDeceptor | |
| FortiEDR |
Version Updates
| Date | Version | Detail |
|---|---|---|
| 2022-05-25 | 90.02622 | |
| 2019-12-03 | 73.52500 | Sig Updated |
| 2019-11-04 | 72.83800 | Sig Updated |
| 2019-10-15 | 72.34800 | Sig Updated |
| 2019-09-10 | 71.50800 | Sig Updated |
| 2019-09-06 | 71.41300 | Sig Updated |
| 2019-09-05 | 71.39200 | Sig Updated |
| 2019-08-27 | 71.17600 | Sig Updated |
| 2019-08-13 | 70.69000 | Sig Updated |
| 2019-08-12 | 70.67100 | Sig Updated |