Posted by malvuln on Jan 03
Discovery / credits: malvuln – Malvuln.com (c) 2021
Original source:
http://malvuln.com/advisory/82183b3d85311a39fb80ae07357594e5.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln
Threat: BACKDOOR.WIN32.REMOTEMANIPULATOR
Vulnerability: Insecure Permissions
Description: Creates a dir Folder139 with insecure permissions as it
hands authenticated users change permissions (C). The backdoor drops
an EXE named audiohd.exe which is not…
– Read More – Full Disclosure