The Intelligent Sandbox (IS) updated content package for versions 4.10, 4.12, 4.14, 5.0, and 5.2 is now available.
This detection package adds detection updates to IS, and includes the following changes:
Rules for detecting various types of malware:
- Trojans collecting sensitive user data like passwords, credit card details, etc.
- Trojans collecting Original Product Keys
- Trojans collecting operating system video controller captions
- Zardoor backdoor execution
- Zardoor Trojan's Rundll execution of zara.dll
- Zardoor Trojan's installation and execution of malicious payload, and msdtc service activity
- Added 2181 new key hashes
This detection package is released using the common detection package format. To install and apply a common detection package, either use IS 5.2.2 or a newer version, or, if you have IS 5.2.0 or earlier, install the patch from KB96550 - How to enable support for the Intelligent Sandbox and Advanced Threat Defense common detection package.
See KB96550 - How to enable support for the Intelligent Sandbox and Advanced Threat Defense common detection package for details about the common detection package format.
Package build number: 5.2.4.240312
Customers can update to the detection packages using the following two options:
- Product UI: In the IS (ATD) UI, go to Manage > Image & Software > Content Update > Detection Pkg
- Download Server: Customers can download the content updates from the Download Server using the appropriate grant numbers
For more information, see the Release Notes.