Posted by malvuln on Jan 22

Discovery / credits: Malvuln – (c) 2021
Original source:
Contact: malvuln13 () gmail com

Threat: Backdoor.Win32.Onalf
Vulnerability: Missing Authentication
Description: WinRemoteShell (Onalf) listens for commands on TCP port
2020. Interestingly, it will only start listening once it can connect
outbound to SMTP port 25. Not much of a self…
Read More – Full Disclosure

By |2021-01-22T19:22:45-05:00January 22nd, 2021|