
Skeleton Key Malware

Solved by MichaelA

I'm just checking to see if anyone knows if the ESET Endpoint products (i.e. Endpoint Antivirus and Endpoint Security) have definitions to protect against the "skeleton key" infection? If so, what is the detection name?


-   hxxp://www.darkreading.com/skeleton-key-malware-bypasses-active-directory/d/d-id/1318570


Thanks ~




  • Former ESET Employees
  • Solution


Currently, the SHA1 and MD5 hashes of the 2 files that were discovered by Dell Secureworks are not being detected on VirusTotal at all by any AV vendor; however, that is not to say that the Advanced Memory Scanner (Version 6 applications) and Advanced Heuristic analysis of the items on the Server environment would not be able to detect odd behavior in protected operating system areas.

Also, the application makes mention that if 2FA (2 Factor Authentication), like ESET Secure Authentication, is utilized, the Skeleton Key malware would not be able to operate in an effective manner or at all.


This topic is now closed to further replies.