There's a write-up here: http://blogs.mcafee.com/mcafee-labs/hesperus-evening-star-shines-as-latest-banker-trojan
With those types of infections it's well-nigh impossible to stop them all as often they rely on user interaction to activate.
Best solution at the first sign is to hard power off and then boot to Safe Mode and initiate System Restore if possible.
Now I am only experienced on the consumer side of things so I realize corporate procedures are different so will defer to anyone else who contributes here.
I already checked this. McAfee gives it a generic-type name followed by an Artemis-type string of characters. There's a VirusTotal analysis which includes that detection name but there's nothing yet in the database for it. Same goes for Microsoft. All we have so far are a couple of write-ups of what it does and how it does it.
Possibly this has been re-categorised and is in the McAfee database under a completely different name - I was going to wait until someone from McAfee had a chance to look at this and give an opinion.
Reason for this is that I work where it could be a possible target (or our customers) so without GTI and a DAT file I can only rely on Access Protection Rules and current related alarmists. Is there any idea of when the .dat file could be compiled?
None here. Hayton, any thoughts?
I'll ask about this on the conference call. Let's see if we can get this forwarded to someone in the Labs for action.
Edit - Confusingly, VirusTotal shows a second detection of this with a different McAfee name. This detection is "RDN/Ransom!dl", which doesn't exist in the database as such. There are at least 12 McAfee detections in the database that start with that name, but each one has an identifying suffix which is not present in the VirusTotal report.
I noticed the VirusTotal report too. I looked for RDN/Ransom @mcafee but the DAT availability was a bit earlier since this malware came out in the beginning of the current month.