skeating
Level 9

PlugX Last Detected As Artemis!4711645971A9

Hello

With the recent revelations about the use of PlugX to gain access and steal data, my question is will VSE 8.8 be able to detect and remove this from any computer, assuming that all the latest updates have been done? Is there a pdf put out by McAfee that deals with this?

Thanks

Stephen Keating

0 Kudos
1 Solution

Accepted Solutions
dmeier
Level 13

Re: PlugX Last Detected As Artemis!4711645971A9

Hello Skeating, the short answer is yes, we detect every PlugX that we know about. Now, not every file gets moved into the correct bucket, but having an Artemis detection will in fact remove the malware as well. If you would like to have it properly classified, just escalate a case through support, and they will walk it through the process.

That said, this particular sample (MD5 hash=4711645971a99b5fc427da22a67a8518) has had a DAT-based detection of Generic.dx!bg3d for the last couple of years. You can tell from the overall reputation of that file that it is a part of PlugX, as you mentioned.

As for a write up on the file, these are typically provided upon specific request through the support team.

Hope that helps,

- David

0 Kudos
7 Replies
exbrit
Level 21

Re: PlugX

Moved to the Corporate User Assistance sub-section for better handling.

I see from the VirusTotal website that McAfee does detect it as an Artemis infection, which means it has yet to be classified.

If no response within 24 hours I will move it to the actual VSE section.

----

Peter

Moderator

0 Kudos
skeating
Level 9

Re: PlugX

Is there something I can do to move this, or will it automatically happen? So since it gets detected as an Artemis, it will be removed? Is there a place on the McAfee website where I can get this information?

Stephen Keating

0 Kudos
exbrit
Level 21

Re: PlugX

Did you want me to move it to VSE now? Or should I put it in Artemis Discussion?

The most recent entry is last March Artemis!4711645971A9

So I could alter the header to that and move it there?

0 Kudos
skeating
Level 9

Re: PlugX

Please go ahead and move it.

Stephen Keating

0 Kudos
exbrit
Level 21

Re: PlugX Last Detected As Artemis!4711645971A9

Header altered and thread moved to Artemis discussions.

Good luck ;-)

0 Kudos
skeating
Level 9

Re: PlugX Last Detected As Artemis!4711645971A9

Thanks for the information.

0 Kudos