hamed_masoomi67

ESET cannot detect a malicious exe


Hello guys,

We have ESET Endpoint 6.5.2 on our systems and we have been infected by a malicious exe.

ESET cannot detect the files.

A screenshot from VirusTotal and the malicious files are attached.

virus.jpg

 


Please submit the file as per the instructions at https://support.eset.com/kb141/.

By the way, ServerGUi.exe is detected as a CoinMiner PUA. Make sure that you have detection of potentially unwanted applications enabled.
NTRIGHTS.exe is a benign file.

 


Thanks for the reply.

The name of the malicious file is "splwow64Nt.exe".

Best regards


From just a quick look, it's a non-obfuscated AutoIt script with "Joakim Schicht" listed as the author, so probably related to https://github.com/jschicht.

I've passed the script for further analysis to confirm or deny that it should be detected.


We have classified the executable as a Win32/RiskWare.ProcessCritical.A application.
