Posted by malvuln on May 18

Discovery / credits: Malvuln – malvuln.com (c) 2021
Original source:
https://malvuln.com/advisory/e85a1028a52fcc723353a236ada54fee.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: Backdoor.Win32.Agent.cy
Vulnerability: Weak Hardcoded Credentials
Description: The malware listens on TCP port 1111, drops an executable
named “Spoolsw.exe” under SysWOW64 dir that runs with SYSTEM integrity. The
password…
Read More – Full Disclosure


By |2021-05-18T18:19:00-04:00May 18th, 2021|