Posted by malvuln on Dec 13

Discovery / credits: Malvuln – malvuln.com (c) 2021
Original source:
https://malvuln.com/advisory/8c9e7906d0ad5d0f2267be0057f2a8e3.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: Backdoor.Win32.Mechbot.a
Vulnerability: Insecure Permissions
Description: The malware creates a dir with insecure permissions under c:
drive granting change (C) permissions to the authenticated user group.
Standard users can rename the executable…
Read More – Full Disclosure


By |2021-12-13T12:19:26-05:00December 13th, 2021|