Posted by malvuln on Jan 07

Discovery / credits: malvuln – (c) 2021
Original source:
Contact: malvuln13 () gmail com

Threat: Backdoor.Win32.NinjaSpy.c
Vulnerability: Remote Stack Buffer Overflow
Description: The specimen drops a DLL named “cmd.dll” under C:WINDOWS
which listens on both TCP ports 2003 and 2004. By sending consecutive HTTP
PUT requests with…
Read More – Full Disclosure

By |2021-01-08T06:28:19-05:00January 8th, 2021|