A fresh exploration of the malware uncovers a new tactic for bypassing security products by abusing a known driver vulnerability