Skeleton Key Malware


Solved by MichaelA

I'm just checking to see if anyone knows if the ESET Endpoint products (i.e. Endpoint Antivirus and Endpoint Security) have definitions to protect against the "skeleton key" infection? If so, what is the detection name?

 

-   hxxp://www.darkreading.com/skeleton-key-malware-bypasses-active-directory/d/d-id/1318570

 

Thanks ~


  • Former ESET Employees
  • Solution

Hello,

Currently, the SHA1 and MD5 hashes of the 2 files that were discovered by Dell Secureworks are not being detected on VirusTotal at all by any AV vendor; however, that is not to say that the Advanced Memory Scanner (Version 6 applications) and Advanced Heuristic analysis of the items on the Server environment would not be able to detect odd behavior in protected operating system areas.

Also, the application makes mention that if 2FA (2 Factor Authentication), like ESET Secure Authentication, is utilized, the Skeleton Key malware would not be able to operate in an effective manner or at all.
