Our malware scanning template should be able to help you in this situation. Go into "New Scan" and create a new scan using the "Malware Scan" Template. In this template you can configure a few location to help detect if this threat is present on the systems being scanned using the data found here https://www.us-cert.gov/ncas/alerts/TA17-164A .
You can supply the yara signatures under Settings -> Assessment -> Malware -> Yara Rules
You can provide the list of IPs in the IOC to the "Custom Netstat IP Threat List" Settings -> Assessment -> Malware -> Hash and Whitelist Files -> Custom Netstat IP Threat List
then start the scan. We are aware of the hashes provided for this sample and our malicious process detection plugin will identify and report if the infection is found. The yara rules will detect if the are indicators with a different potential hash, and the netstat custom IP will detect if any of your systems are connected to the IPs listed as the IOC.
We are actually using Nessus Pro 6.11.1 (#101) LINUX
And after I read through my post I see I could have been clearer. Here are the steps...
New Scan, Malware Scan, Assessment, and under "Hash and Whitelist Files you will see "Custom Netstat IP Threat List" (List of IP addresses and descriptions of IPs that you want to detect."
Sorry but I hope that helps,