Posted by malvuln on Jan 25

Discovery / credits: Malvuln – malvuln.com (c) 2022
Original source:
https://malvuln.com/advisory/b83836d7e6b0893e08d88a7850ca84ee.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: Backdoor.Win32.Agent.uq
Vulnerability: Insecure Permissions
Description: The malware writes a PE file with a “.sys” extension to c:
drive, granting change (C) permissions to the authenticated user group.
Standard users can rename the…
Read More – Full Disclosure


By |2022-01-25T13:18:46-05:00January 25th, 2022|