Closed AtomicBeansQ closed 2 months ago
Hi guys, please add 1c1a4ca2cbac9fe5954763a20aeb82da9b10d028824f42fff071503dcbe15856. It is the TFSysMon.sys driver that was used in recent RansomHub attacks. I attach a PDF with an exhibition of the vulnerability. Thanks.

https://www.virustotal.com/gui/file/1c1a4ca2cbac9fe5954763a20aeb82da9b10d028824f42fff071503dcbe15856

Attachment: Lack of Access Control in vulnerable driver used by RansomHub to disable EDR systems.pdf
Hey @AtomicBeansQ, thanks for opening this issue.
The hash in question is already available in LOLDrivers, see https://www.loldrivers.io/drivers/bd9f084e-b235-4978-bf2a-5f1dc02937df/