Moved to the Corporate User Assistance sub-section for better handling.
I see from VirusTotal website that McAfee does detect is as an Artemis infection, which means it has yet to be classified.
If no response within 24 hours I will move it to the actual VSE section.
Is there something I can do to move this, or will it automatically happen? So since it gets detected as an Artemis, it will be removed? Is there a place on the McAfee website where I can get this information?
Did you want me to move it to VSE now? Or should I put it in Artemis Discussion?
The most recent entry is last March Artemis!4711645971A9
So I could alter the header to that and move it there?
Please go ahead and move it.
Header altered and thread moved to Artemis discussions.
Good luck ;-)
Hello Skeeting, the short answer is, yes, we detect every PlugX that we know about. Now, not every file gets moved into the correct bucket, but having an Artemis detection, will in fact remove the malware as well. If you would like to have it properly classified, just escalate a case through support, and they will walk it through the process.
That said, this particular sample (MD5 hash=4711645971a99b5fc427da22a67a8518), has a DAT based detection of Generic.dx!bg3d, for the last couple years. You can tell from the overall reputation of that file, that it is a part of PlugX, as you mentioned.
As for a write up on the file, these are typically provided upon specific request through the support team.
Hope that helps,
Thanks for the information.