Detection & mitigation against the recent BackSwap Banking Trojan

https://www.bleepingcomputer.com/news/security/backswap-banking-trojan-uses-never-before-seen-techniques/

Referring to above  BackSwap Banking Trojan ,  does McAfee AV & IPS detect/block it?
Think I saw a link (but misplaced it) that McAfee AV can't detect it yet.

Is there alternative ways of detecting/blocking it if AV can't?

What is the hash or IOC for this malware?
sunhuxAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Adam BrownSr Solutions ArchitectCommented:
Note that this particular trojan only affects a few banks based out of Poland and hasn't yet spread beyond that. With that said, however, detecting or blocking attempts to use the javascript: pseudo protocol should act as an effective countermeasure for the more recent versions of this trojan. For the older versions, you can try disabling the copy/paste function in Windows, but this countermeasure would likely cause an unacceptable impact to productivity.
1
btanExec ConsultantCommented:
Look at VT result. the BackSwap banking Trojan has MD5:f8ce875dd49e7c20ccf1f27dd68f9970 and its size is 607.36 KB which is recognized by AV engines with the following tags:

HEUR:Trojan.Script.Generic
JS.Downloader
JS/Dwnldr-VQJ
JS/TrojanDownloader.Nemucod.EAN
TROJ_FRS.VSN1CE18
Trojan.Agent.CZBY
Trojan.JS.Downloader.Nemucod

https://www.virustotal.com/#/file/5349a0c06823fa285faa31381b5566b2a3d8990f6a5b6775288471caa35f8516/detection

For now is to use other AV scanner or some sort of IOC finder using the hash etc but this known threat will sooner be detected by others. Disable of JS and enable application whitelisting to mitigate though it may not be fool-proof and can ne not user friendly.
1

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Anti-Virus Apps

From novice to tech pro — start learning today.