Does Microsoft ATA have a signature for SolarFlare credential dumping tool?

Cosm1c 1 Reputation point
2021-10-02T05:04:23.677+00:00

How strong is it? Can it be bypassed by adding a timer to the payload?

Windows Server
Windows Server Security

1 answer

  1. Limitless Technology 39,506 Reputation points
    2021-10-04T19:03:30.29+00:00

    Hello @Cosm1c

    I am not an expert in security myself, but it seems that it is in the MS database of hacktools: https://www.microsoft.com/en-us/wdsi/threats/malware-encyclopedia-description?Name=HackTool:Win32/SolarFlare.A!dha&ThreatID=2147771376

    Regarding signature specifics or payload information, Microsoft has always been secretive, like most security companies, to avoid providing information that would help hackers bend the code to bypass them.

    Hope this helps with your query,

    ------------

    --If the reply is helpful, please Upvote and Accept as answer--