Posted by malvuln on May 18

Discovery / credits: Malvuln – (c) 2021
Original source:
Contact: malvuln13 () gmail com

Vulnerability: Insecure Transit
Description: The malware listens on TCP port 1111, drops an executable
named “Spoolsw.exe” under SysWOW64 that runs with SYSTEM integrity. The
malware passes logon credentials in…
Read More – Full Disclosure

By |2021-05-18T18:19:00-04:00May 18th, 2021|