Email address | private |
---|---|
Website | malvuln.com |
First Active | 2021-01-04 |
Last Active | 2024-04-16 |

Trojan.Win32.Platinum.gen malware suffers from a code execution vulnerability.
cdc9993c4bb438c0123a75bf753431e3118f0f97de1d721144c5ddb34cf6a07e
Backdoor.Win32.Quux malware suffers from a weak hardcoded credential vulnerability that can allow an attacker to achieve remote code execution.
b4e768cfae821d6b42a6a1558a7ebf632c607467e2460738406164be6973a5b9
Backdoor.Win32.RemServ.d malware suffers from a remote command execution vulnerability.
b0430cb5e5e617e50b9038ab9865a9bd2f7b70fa286736b9fd7fbec68609f4eb
Backdoor.Win32.Aphexdoor.LiteSock malware suffers from a buffer overflow vulnerability.
d57d90a38779e50f2f3781d526a6a644767970cad56ee33df9c573299a86202e
HEUR:Trojan.MSIL.Agent.gen malware suffers from an information disclosure vulnerability.
e2541968fed4764deda9f626a5dd6d150f8556edd06d7b191deae236b82a62c2
Backdoor.Win32.Psychward.10 malware suffers from an unauthenticated remote command execution vulnerability.
50c8d45b439f940960ae1c8f607103a266bf0e358d5a088cf19752880f976bdf
Email-Worm.Win32.Kipis.c malware suffers from a remote file write vulnerability that allows for remote code execution.
a928474123c62826be6937b0f16cc3bd810a092305c80c11b1dba87312f0d8be
Backdoor.Win32.Delf.arh malware suffers from an authentication bypass vulnerability.
e5c413409b33c8c771245af2c651a2554e93871a2544df61fe5e997eedfd885b
Backdoor.Win32.Redkod.d malware suffers from a hardcoded credential vulnerability.
c8a2b863479547ba380b48a0438c4767f9701d170eaab936769fe27a7277e3d9
Backdoor.Win32.DarkSky.23 malware suffers from a buffer overflow vulnerability.
ccfdc5120ab2daf0c23bd4df3097f4eb8bff39aa1e7887bbd6954a2132619c04
Backdoor.Win32.Delf.eg malware suffers from an unauthenticated remote command execution vulnerability.
647bd7e9095b288a89ae94fb9fdf863e6f1885af0b181b032ba01f65602b3f36
Backdoor.Win32.NTRC malware suffers from a hardcoded credential vulnerability.
a322e5735d0deb5c868f091706d37757fb129052cbe2bf666954811ee4775878
Backdoor.Win32.Augudor.b malware suffers from a code execution vulnerability.
eb63fba65d43437a287680fff71157dd2127d980055e141a70d67d2a9e75bbe9
Backdoor.Win32.Psychward.b malware suffers from a hardcoded credential vulnerability.
4a196172d709119bf5c9fd8264d2064a406a4232f965f914f828caf704ad4124
Backdoor.Win32.Bingle.b malware suffers from a hardcoded credential vulnerability.
2071a5c002ce27b0ea6b560999d5a672774467ed9490813fdbb0280c50591569
Backdoor.Win32.Hellza.120 malware suffers from a remote command execution vulnerability.
cdc70328ddf40e49dc5b1f2be3419c1dac2bfb6b0721efd3f3603444e744fbd5
Backdoor.Win32.Hellza.120 malware suffers from an authentication bypass vulnerability.
adbd455e6069c90acd875b4a68a6da7ff2670fe9ef0da2ea17802f855cdd6cda
Trojan.Ransom.Ryuk.A ransomware looks for and executes DLLs in its current directory. Therefore, we can potentially hijack a DLL, execute our own code, and control and terminate the malware pre-encryption. Once loaded, the exploit DLL checks whether the current directory is "C:\Windows\System32" and, if not, we grab our process ID and terminate. All basic tests were conducted successfully in a virtual machine environment.
cf8ca0f9491742132b26f99723587a07bd7827506a1fb18e871a77bfbc3b9a62
Trojan-Dropper.Win32.Corty.10 malware suffers from an insecure credential storage vulnerability.
32271f7a5d8be605d0185b7cf8397b7bf3093ad269844c0104016e34a6185027
Trojan-Ransom.Win32.Hive.bv malware suffers from a code execution vulnerability.
f83469a387bb85b1095ec29c4bce40b4dee2ed888fd5d49f25e84791155b9806
Trojan.Win32.Autoit.fhj malware creates two processes: "xservice.exe" and a child process "xps.exe". The process creates an IPC pipe with a NULL DACL, allowing RW for the Everyone user group.
9841ae12eb6bf5ae767a59bd72cbbd7fd293da629995025465c618d5121bbc7e
Trojan-Spy.Win32.Pophot.bsl malware suffers from an insecure permissions vulnerability.
d84abac25b9b004380790dd21ceec9c49b73c59db79cee24d39decbe0e1623e1
Backdoor.Win32.Hupigon.aspg malware suffers from an unquoted service path vulnerability.
887752ece5bea2b15b4d32426b1e97bffee8aa1a6842c8f917087432b7ff5e71
Backdoor.Win32.Winshell.5_0 malware suffers from a hardcoded credential vulnerability.
201d48fd8e208d4a8f0f5fe13f6ea04030c8b92edf569417c28e11967d421e3b
Trojan.Win32.Autoit.fhj malware suffers from an insecure permissions vulnerability.
0f6155ea2513333fd3502daa57841369a525497799193023cf1e190924b6beef