You are browsing a legitimate-looking news site when a pop-up claims, "Your Flash Player is out of date." Clicking that fake update button does not install Adobe software; instead, it executes a PowerShell command that downloads the Gen4 downloader.

Cited in protection bulletins regarding espionage campaigns targeting critical infrastructure in Libya.

security products. It identifies a fourth-generation "downloader"—a type of Trojan designed to secretly download and install additional malicious components onto a compromised system. Malware Analysis Report: CL.Downloader!gen4 1. Threat Classification Trojan Downloader Detection Method:

Security logs often describe this signature as triggering on "Suspicious PowerShell detected" or unauthorized use of system tools to fetch external files. Where to Find Technical Details

[Insert Date] Analyst: [Your Name/Team] Threat Name: cl.downloader gen4 Detection Classification: Generic Downloader / Trojan Downloader (Heuristic)