W32/Powershell.ARU!tr
Analysis
W32/Powershell.ARU!tr is classified as a trojan.
A trojan is a type of malware that performs activites without the user’s knowledge. These activities commonly include establishing remote access connections, capturing keyboard input, collecting system information, downloading/uploading files, dropping other malware into the infected system, performing denial-of-service (DoS) attacks, and running/terminating processes.
The Fortinet Antivirus Analyst Team is constantly updating our descriptions. Please check the FortiGuard Encyclopedia regularly for updates.
Recommended Action
- Make sure that your FortiGate/FortiClient system is using the latest AV database.
- Quarantine/delete files that are detected and replace infected files with clean backup copies.
Telemetry
Detection Availability
FortiClient | |
---|---|
Extreme | |
FortiMail | |
Extreme | |
FortiSandbox | |
Extreme | |
FortiWeb | |
Extreme | |
Web Application Firewall | |
Extreme | |
FortiIsolator | |
Extreme | |
FortiDeceptor | |
Extreme | |
FortiEDR |
Version Updates
Date | Version | Detail |
---|---|---|
2023-02-28 | 91.01002 | |
2022-11-22 | 90.08055 | |
2021-03-02 | 84.00417 | |
2020-12-21 | 82.72500 | Sig Added |
2020-10-06 | 80.89700 | Sig Updated |
2020-09-29 | 80.72800 | Sig Updated |
2020-09-22 | 80.56100 | Sig Updated |
2020-09-01 | 80.05600 | Sig Updated |
2020-08-10 | 79.52700 | Sig Updated |
2020-08-05 | 79.40500 | Sig Updated |