Posted by malvuln on Mar 23

Discovery / credits: Malvuln – malvuln.com (c) 2021
Original source:
https://malvuln.com/advisory/db01783710e0c5aff92156a0e76deade.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: Trojan-Dropper.Win32.Demp.rft
Vulnerability: Insecure Permissions
Description: The specimen creates a dir named “tmp” under c: drive and
grants change (C) permissions to the authenticated user group. Standard
users can rename the…
Read More – Full Disclosure


By |2021-03-23T19:20:11-04:00March 23rd, 2021|