josh_bdn gave kudos to itman in ESET protection fluctuating?
Below is the vulnerable driver being used. It's ancient, circa 2008, and appears not to be on Microsoft's vulnerable driver list. Or as I suspect, it's a device driver.
-
josh_bdn gave kudos to itman in ESET protection fluctuating?
According to the VT analysis, it's deploying and using a vulnerable driver, WinRing0.sys, that only three vendors are flagging as such. My suspicion is this driver is what is deploying the coin miner at system startup time.
-
josh_bdn gave kudos to itman in malware hashes
The solution here, as mentioned in a previous thread, is for ESET to establish a web-based threat submission and detection portal such as Kaspersky has: https://opentip.kaspersky.com/ .