Malicious File Detection: Malware Signed By Stolen Bit9 Certificate

This script is Copyright (C) 2016-2017 Tenable Network Security, Inc.

Synopsis :

Nessus detected potentially unwanted files on the remote host.

Description :

The md5sum of one or more files on the remote Windows host matches the
signature of malware that was signed by a certificate stolen from the
security firm Bit9.

Verify that the remote files are legitimate and authorized in your

See also :

Solution :

Uninstall the remote software if it does not match your security
policy, and investigate your network for further signs of a breach.

Risk factor :


Family: Windows

Nessus Plugin ID: 88959 ()

Bugtraq ID:


Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now