Aside from performing code injections into remote processes, the distributed kernel driver also allows system data exfiltration to a remote server connected to Hubei Dunwang Network Technology Co., Ltd, according to an ESET analysis.
Article Link: Microsoft-signed driver leveraged by HotPage adware | SC Media