JS/Phish.FKH!tr
Analysis
JS/Phish.FKH!tr is a detection for an Redirect trojan.
- Following are some of the near/exact IOCs/file hash associated with this detection:
- 27FA5A92598CA4DB56AD24C9961EDB32
- 81AADAD36F31250A76C0C51DD5F8BAA4
- The following are some illustrations related to the malware during our quick analysis:
- Figure 1: malware Distributed as email.
- Figure 2: Landing Page but has since been blocked by domain admin.
Recommended Action
- Make sure that your FortiGate/FortiClient system is using the latest AV database.
- Quarantine/delete files that are detected and replace infected files with clean backup copies.
Telemetry
Detection Availability
FortiGate | |
---|---|
Extended | |
FortiClient | |
FortiMail | |
FortiSandbox | |
FortiWeb | |
Web Application Firewall | |
FortiIsolator | |
FortiDeceptor | |
FortiEDR |
Version Updates
Date | Version | Detail |
---|---|---|
2022-03-15 | 90.00492 | |
2021-08-10 | 88.00269 | |
2021-05-11 | 86.00097 | |
2021-01-22 | 83.48400 | Sig Updated |
2020-11-08 | 81.69300 | Sig Updated |
2020-11-06 | 81.64800 | Sig Updated |
2020-11-03 | 81.57300 | Sig Updated |
2020-11-03 | 81.56700 | Sig Updated |
2020-11-01 | 81.52500 | Sig Updated |
2020-10-30 | 81.46700 | Sig Updated |