Posted by malvuln on Jan 07

Discovery / credits: Malvuln – (c) 2021
Original source:
Contact: malvuln13 () gmail com

Threat: Backdoor.Win32.Jtram.a
Vulnerability: Insecure Credential Storage
Description: The malware listens on TCP port 1321 as an FTP server. The
credentials are stored in cleartext in a file named “rconnect.conf.
Type: PE32
Read More – Full Disclosure

By |2022-01-07T14:18:50-05:00January 7th, 2022|