JS/Phish.AZD!tr
Analysis
JS/Phish.AZD!tr is a detection for Javascript code that supports a phishing webpage.
Below are examples of its behavior:
- It is disguised as an Adobe webpage:
- It sends user data to the following address:
- hxxp://upgr{Removed}.us/boss.php
Recommended Action
- Make sure that your FortiGate/FortiClient system is using the latest AV database.
- Quarantine/delete files that are detected and replace infected files with clean backup copies.
Telemetry
Detection Availability
FortiGate | |
---|---|
Extreme | |
FortiClient | |
Extended | |
FortiMail | |
Extended | |
FortiSandbox | |
Extended | |
FortiWeb | |
Extended | |
Web Application Firewall | |
Extended | |
FortiIsolator | |
Extended | |
FortiDeceptor | |
Extended | |
FortiEDR |
Version Updates
Date | Version | Detail |
---|---|---|
2022-09-06 | 90.05740 |