W32/Agent.VG!tr

Analysis

W32/Agent.VG-tr - 05-12-07


Files:

  • Copies itself to: %SystemRoot%/%WinDir%
  • Drops files: ".exe"

Installation to System:

  • Drops the following files:
    Attempts to drop or download a file named lsasrv.exe in the system directory.
  • And creates these registry entries:
    HKLM\Software\Microsoft\CurrentVersion\Run lsass=%Systemdir%lsasrv.exe

More Info:

After execution, the malware pops up a Notepad window containing some unreadable text.


Detection Availability

FortiGate
Extended
FortiClient
FortiMail
FortiSandbox
FortiWeb
Web Application Firewall
FortiIsolator
FortiDeceptor
FortiEDR

Version Updates

Date Version Detail
2024-03-18 92.02564
2024-03-15 92.02471
2024-02-14 92.01572
2024-01-29 92.01094
2024-01-24 92.00942
2023-12-30 92.00181
2023-12-27 92.00101
2023-12-25 92.00041
2023-12-12 91.09662
2023-11-11 91.08710