Malware | Apr 30, 2026
We have found new RedDriver similar to the ones found by Talos (https://t.co/UAZYWmmDLF) They are...
New RedDriver malware variant discovered with WHQL signature and low VirusTotal detection.
Summary
Security researchers identified a new RedDriver malware sample similar to those previously reported by Talos. The malware is signed with a legitimate WHQL certificate and exhibits low detection rates on VirusTotal, suggesting potential supply chain or driver-based attack delivery. The sample contains a Chinese company name (郑州市肆零叁网络科技有限公司) in the certificate metadata.
Indicators of Compromise
- malware — RedDriver
- hash_sha256 — 1da4f7f001d239a54fab50eb7c3cbc985db392a3d4405e19c3a5d2035d591004
Entities
- Talos Intelligence (threat_actor)
- WHQL (Windows Hardware Quality Labs) signing (technology)