Posted by malvuln on May 07
Discovery / credits: Malvuln – malvuln.com (c) 2021
Original source:
https://malvuln.com/advisory/6eece319bc108576bd1f4a8364616264_B.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln
Threat: Backdoor.Win32.NinjaSpy.c
Vulnerability: Remote Command Execution
Description: The malware listens on TCP ports 2003, 2004 and drops a DLL
named “cmd.dll” under Windows dir. Connecting to port 2003, you will get
back a number…
– Read More – Full Disclosure