Posted by malvuln on Jan 07

Discovery / credits: Malvuln – malvuln.com (c) 2021
Original source:
https://malvuln.com/advisory/596882dfba543b23ad3225d24ee5e800.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: Backdoor.Win32.Jtram.a
Vulnerability: Insecure Credential Storage
Description: The malware listens on TCP port 1321 as an FTP server. The
credentials are stored in cleartext in a file named “rconnect.conf.
Type: PE32
MD5:…
Read More – Full Disclosure


By |2022-01-07T14:18:50-05:00January 7th, 2022|