→ 🚀What's New? Explore Lansweeper's Fall 2024 Updates! Fall Launch Blog !

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
hotschumacher
Engaged Sweeper

Hey Lansweeper Community!

I'm kind of new around here and could use some help. I've run into a bit of trouble with a malware attack on our fileserver. It seems to be targeting Brazilian banks and likes to hide in \AppData\Roaming\EdgeCookie\x86\anim\sd or \AppData\Roaming\EdgeCookie\x86\anim\ud, running some nasty bank-related malware.

Here's my challenge: I want to set up Lansweeper to scan our workstations for specific files in these folders, or better yet, for specific MD5 hashes. It'd be super helpful for spotting those sneaky infected files hiding in plain sight.

If anyone could point me in the right direction or give me a step-by-step, that would be awesome. Thanks a ton in advance for your patience and help, and sorry for any English mistakes.

Cheers,
[Fernando]

hotschumacher_0-1705081881167.png

 

1 ACCEPTED SOLUTION
David_GF
Lansweeper Tech Support
Lansweeper Tech Support

Hi @hotschumacher 

Lansweeper does not scan MD5 hashes, but you can use the custom file and registry scans to find out what computers are hosting the malware:

https://community.lansweeper.com/t5/scanning-your-network/scan-registry-values-with-custom-registry-...

https://community.lansweeper.com/t5/scanning-your-network/windows-custom-file-scanning/ta-p/64272

Good hunting!! 



~~~~~~~ (〃 ̄︶ ̄)人( ̄︶ ̄〃) ~~~~~~~
Sweep that LAN, sweep it!

View solution in original post

1 REPLY 1
David_GF
Lansweeper Tech Support
Lansweeper Tech Support

Hi @hotschumacher 

Lansweeper does not scan MD5 hashes, but you can use the custom file and registry scans to find out what computers are hosting the malware:

https://community.lansweeper.com/t5/scanning-your-network/scan-registry-values-with-custom-registry-...

https://community.lansweeper.com/t5/scanning-your-network/windows-custom-file-scanning/ta-p/64272

Good hunting!! 



~~~~~~~ (〃 ̄︶ ̄)人( ̄︶ ̄〃) ~~~~~~~
Sweep that LAN, sweep it!