W32/Small.DQN!tr

description-logoAnalysis

W32/Small.DQN!tr - 06-10-09


More Info:

This is a Trojan-Downloader. It injects the Trojan-Downloader codes to the "svchost.exe" process, which will download malicious file from the following URL:
http://www.{REMOVED}.cl/images/titlebarr.gif
saves it as "C:\clipsrv.exe" and executes.

Telemetry logoTelemetry

Detection Availability

FortiGate
Extreme
FortiClient
Extended
FortiMail
Extended
FortiSandbox
Extended
FortiWeb
Extended
Web Application Firewall
Extended
FortiIsolator
Extended
FortiDeceptor
Extended
FortiEDR

Version Updates

Date Version Detail
2022-07-05 90.03884
2022-04-27 90.01785