Posted by malvuln on May 25
Discovery / credits: Malvuln – malvuln.com (c) 2021
Original source:
https://malvuln.com/advisory/b297c565899ace88f40e5da833f41561.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln
Threat: Backdoor.Win32.Tonerok.d
Vulnerability: Unauthenticated Remote Command Execution
Description: The malware listens on TCP port 10002 and drops an
executable named “svchost.exe” under Windows dir. Third-party attackers who
can reach an…
– Read More – Full Disclosure