1. /
  2. Security Response/
  3. SONAR.Sality!gen1


Risk Level 2: Low

April 14, 2014
April 14, 2014 11:27:44 AM
Systems Affected:
Windows 2000, Windows 7, Windows 95, Windows 98, Windows Me, Windows NT, Windows Server 2003, Windows Server 2008, Windows Vista, Windows XP
SONAR.Sality!gen1 is a heuristic detection that is designed to detect the W32.Sality family of threats.

For more information, please see the following resource:

Antivirus Protection Dates

  • Initial Rapid Release version October 2, 2014 revision 022
  • Latest Rapid Release version October 2, 2014 revision 022
  • Initial Daily Certified version April 14, 2014 revision 017
  • Latest Daily Certified version April 14, 2014 revision 017
  • Initial Weekly Certified release date April 16, 2014
Click here for a more detailed description of Rapid Release and Daily Certified virus definitions.

Threat Assessment


  • Wild Level: Medium
  • Number of Infections: 50 - 999
  • Number of Sites: 10+
  • Geographical Distribution: Medium
  • Threat Containment: Easy
  • Removal: Easy


  • Damage Level: Medium
  • Payload: Downloads files and URLs.
  • Modifies Files: Infects files on local drives and removable media.
  • Degrades Performance: Participation in a peer-to-peer (P2P) botnet may degrade performance.
  • Compromises Security Settings: Lowers security settings and may disable security-related processes and applications.


  • Distribution Level: Medium
  • Target of Infection: Executable files on local, removable and remote shared drives.
Note: On May 14, 2015, modifications will be made to the threat write-ups to streamline the content. The Threat Assessment section will no longer be published as this section is no longer relevant to today's threat landscape. The Risk Level will continue to be the main threat risk assessment indicator.

Search Threats

Search by name
Example: W32.Beagle.AG@mm
STAR Antimalware Protection Technologies
Internet Security Threat Report