Perl/CVE_2022_34713.A!tr
Analysis
Perl/CVE_2022_34713.A!tr is a generic detection for a Perl script trojan.
This malware has been associated with the following third party article/advisory.
https://nvd.nist.gov/vuln/detail/CVE-2022-34713 https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-34713The correlation has been established due to a database near/exact match on one of the sample/IOC/file that were found during investigation.
- Md5: 2ac3c14f0a3b221155c8dd204cbc87e8
Sha256: 6bbe544d98153b2f7201d7ebf3589fb79af4acf97fbbd1a52e8b647b17c101b1
Outbreak Alert
August patch Tuesday from Microsoft introduced fixes for 121 vulnerabilities. Of these, two are zero-day fixes, and one -- CVE-34713 a.k.a. 'DogWalk' -- is being actively exploited in the wild.
Recommended Action
- Make sure that your FortiGate/FortiClient system is using the latest AV database.
- Quarantine/delete files that are detected and replace infected files with clean backup copies.
Telemetry
Detection Availability
FortiClient | |
---|---|
Extreme | |
FortiMail | |
Extreme | |
FortiSandbox | |
Extreme | |
FortiWeb | |
Extreme | |
Web Application Firewall | |
Extreme | |
FortiIsolator | |
Extreme | |
FortiDeceptor | |
Extreme | |
FortiEDR |