Virus

Analysis

Python/CVE_2022_35405.G!tr is a generic detection for a Python script trojan/exploit.
This malware has been associated with the following third party article/advisory.

https://nvd.nist.gov/vuln/detail/CVE-2022-35405

The correlation has been established due to a database near/exact match on one of the sample/IOC/file hash indicated in the mentioned resource.

Following are some of the near/exact IOCs/file hash associated with this detection:

Md5: f7557966a926aa2832a362cd2abf3ccf
Sha256: ed156b4196a5a0b6a6fd8e554208ebb6ce6da15417fc57d837d2b7e65c35c174

Recommended Action

Make sure that your FortiGate/FortiClient system is using the latest AV database.
Quarantine/delete files that are detected and replace infected files with clean backup copies.

Telemetry

Detection Availability

FortiGate
Extended
FortiClient
FortiMail
FortiSandbox
FortiWeb
Web Application Firewall
FortiIsolator
FortiDeceptor
FortiEDR

Version Updates

Date	Version	Detail
2022-09-23	90.06256

ID	10106188
Released	Sep 23, 2022
Description Updated	Sep 23, 2022
Aliases	Exploit.EXP/PyShellCode.G,EXP/PyShellCode.G,Exploit.JS.akh

Protect

Detect

Respond

Recover

Identify

Network Security

Endpoint Security

Application Security

Security Operations

Python/CVE_2022_35405.G!tr

Analysis

Recommended Action

Telemetry

Detection Availability

Version Updates

News/Research

Research Center

PSIRT Center

Services

By Outbreak

By Solution

By Product

Protect

Detect

Respond

Recover

Identify

Network Security

Endpoint Security

Application Security

Security Operations

Threat Intelligence Center

Resource Center

About

FortiGuard Labs

Partners

Virus

Python/CVE_2022_35405.G!tr

Analysis

Recommended Action

Telemetry

Detection Availability

Version Updates

Threat Intelligence
Center