Does Palo Alto Networks firewall provide information and coverage on FormBook Malware (MalVirt Loader)?

Does Palo Alto Networks firewall provide information and coverage on FormBook Malware (MalVirt Loader)?

219
Created On 02/21/23 16:18 PM - Last Modified 10/29/25 19:28 PM


Question


Does Palo Alto Networks firewall provide information and coverage on FormBook Malware (MalVirt Loader)?

Environment


  • Palo Alto Networks NGFW (Strata)

Answer


Threat ID: 571933816 (Virus/Win32.WGeneric.dxtxfz)
  • Palo Alto firewalls currently have TID 571933816 (Virus/Win32.WGeneric.dxtxfz) Anti-Virus signature, released in content package version 4368 (2023-02-20 UTC) to provide coverage for the MalVirt loader payload. 
  • All URLs listed in the below IOC article have a 'malware' category assigned to them.

Additional Information
Other users also viewed:
Actions
  • Print
  • Copy Link

    https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA14u000000savfCAA&lang=en_US&refURL=http%3A%2F%2Fknowledgebase.paloaltonetworks.com%2FKCSArticleDetail