Add Teramind drivers #243
Description
Not sure if this qualifies as a LOL Driver but had a case where the TA installed Teramind employee monitoring software.
In Stealth mode it installs to a GUID named dir in programdata, but sets up these two drivers to do its collection.
C:\Windows\System32\drivers\tm_filter.sys {"MD5":"3f9829071109fc051bd7f6b01a35ed46""SHA1":"b2c1222c96221e031e9e3b64cf3ae00de5cdcff6""SHA256":"e9fda504c9bdbe785c55a279ebb27e31783155570ab0c242e1" } |
C:\Windows\System32\drivers\tmfsdrv2.sys {"MD5":"d8d1c6cd663c9c5a457d8147e10c4e64""SHA1":"fc5d815dde49b85efb51e89af45dd011c044f72a""SHA256":"2cea1a8d5d23a5ed2c2ac2a0c7c0d95da516aa355224cc707f"
Use case is input capture