Posted by malvuln on Mar 08

Discovery / credits: Malvuln – malvuln.com (c) 2021
Original source:
https://malvuln.com/advisory/8c2acfcc60dda52db9bd9a934284b673.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: Backdoor.Win32.GTbot.c
Vulnerability: Insecure Permissions
Description: GTbot creates an insecure dir called “WINNT” under c: drive
and grants change permissions (C) to the authenticated user group. Standard
users can rename the malware…
Read More – Full Disclosure


By |2021-03-09T08:20:51+00:00March 9th, 2021|