Posted by malvuln on Jan 07

Discovery / credits: malvuln – Malvuln.com (c) 2021
Original source:
https://malvuln.com/advisory/6eece319bc108576bd1f4a8364616264.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: Backdoor.Win32.NinjaSpy.c
Vulnerability: Remote Stack Buffer Overflow
Description: The specimen drops a DLL named “cmd.dll” under C:WINDOWS
which listens on both TCP ports 2003 and 2004. By sending consecutive HTTP
PUT requests with…
Read More – Full Disclosure


By |2021-01-08T06:28:19-05:00January 8th, 2021|