Email address | private |
---|---|
Website | malvuln.com |
First Active | 2021-01-04 |
Last Active | 2024-04-16 |
Backdoor.Win32.Dumador.c malware suffers from a buffer overflow vulnerability.
32edf47bda897a0471a7ffbf6db742832e71820e9d55f2a6b95b5e7a897a6cc8
Trojan.Win32.Razy.abc malware suffers from an insecure permissions vulnerability.
f42f962b787317ec42e0f8896a6024f38f8e96776bcebf7c0600a7ee39d21c1f
The PsyRAT 0.01 malware listens on random high TCP ports 53297, 53211, 532116 and so forth. Connecting to an infected host returns a logon prompt for PASS. However, you can enter anything or nothing at all and execute commands made available by the backdoor.
49c1a96716eb6676ee82286681b7ec240f24504e592bcf642a8225b45349d927
Win32.STOP.Ransomware (smokeloader) malware suffers from both local and remote code execution vulnerabilities. The remote code execution can be achieved by leveraging a man-in-the-middle attack.
9740a4e0b25da98023aa4b00d3dc186e1ae19f18ff322ffbd1efa8acd634f49a
Backdoor.Win32.Emegrab.b malware suffers from a buffer overflow vulnerability.
c0d8137645859e14608a0b7a84c3cadd70d3be3e7d59a937b20c600dbcc88162
Backdoor.Win32.Beastdoor.oq malware suffers from a remote command execution vulnerability.
72378386669ae9759edcef742e72bbceb8bebb4fef342a5fb8f58cf8290dd75a
Backdoor.Win32.Agent.amt malware suffers from bypass and code execution vulnerabilities.
b6b18194f2e689d34f31467983fac3c6ef3ca487f56d307bb7a3aba5b961cffd
Backdoor.Win32.Jeemp.c malware suffers from a hardcoded credential vulnerability.
5e4ddaa4fb20fd54762a11e5e3b4f3336161f26cd683100a9b9009e19ba332e0
Backdoor.Win32.AutoSpy.10 malware suffers from a remote command execution vulnerability.
01433d0ad222e5da0927202b151b19c29afd6ce5f59f4e0b3302a97ed91a29bb
Backdoor.Win32.Armageddon.r malware suffers from a hardcoded credential vulnerability.
a63aee2a17b2de0fd0b66bd203d4a2c97938d4d3f44312228c88c11909ae9131
Trojan.Win32 BankShot malware suffers from a buffer overflow vulnerability.
2b3c4192b5308c166c2374b9f23ce4208ceaa4819ae053e8b33695622996db4a
TrojanSpy Win32 Nivdort malware suffers from an insecure permissions vulnerability.
07b40fbb6021397864a451ae058f9ce4a25bc6a349ce285a033ab5429f0d1070
Backdoor.Win32 Carbanak (Anunak) malware creates 8 named pipes used for C2 and interprocess communications and grants RW access to the Everyone user group.
025b315fe5e6131bdb0582d4066dabd2e50db6a7fe60aaa367ddf178890a85fb
RansomLord is a proof-of-concept tool that automates the creation of PE files used to compromise ransomware pre-encryption. This tool uses DLL hijacking to defeat ransomware by placing PE files in the x32 or x64 directories from which the program is run.
3d0954a58224a8f54be67a55a09030ed0b5de5923f0fb95816b6be7924a22000
RansomLord is a proof-of-concept tool that automates the creation of PE files used to compromise ransomware pre-encryption. This tool uses DLL hijacking to defeat ransomware.
be0ca518deef51df0a96636cca863c555649559f4b5ef25817a684ecfa1b4b9a
Adversary3 is a tool to navigate the vast www.malvuln.com malware vulnerability dataset.
9b13bea6b5b0bded8397b049cc552bc744cf3d67513c8059ab448bf8e9242f5a
Ransom.Win64.AtomSilo malware suffers from a cryptography logic flaw.
3f34b49de4ec6bce1e97067f5337c3513d5b66c17f2c5706a17f5ee88759871f
Backdoor.Win32.InCommander.17.b malware suffers from a hardcoded credential vulnerability.
099c10722a16f8ff775b1d257478160f16555c845382490673f316cc2a4f04e4
Trojan-Dropper.Win32.Decay.dxv (CyberGate 1.00.0) malware suffers from an insecure proprietary password encryption vulnerability.
327cdad4f54bb339def30383a6e9ad6ba1713e20fa30cdbaf1573da6857d4dfe
Backdoor.Win32.Delf.gj malware suffers from an information leakage vulnerability.
622118d5760b64ae86f8de28e2d430c1c15ec650e7c1db8f5920f134dd887c5e
Backdoor.Win32.Autocrat.b malware suffers from a weak hardcoded credential vulnerability.
d7a1dbe69c51797b7a119cf51d50bfdc0cf2f5d6383559a3c42e0b551d24f2ff
Win32.Ransom.Conti ransomware fails to encrypt non-PE files that have ".exe" in the filename. Creating specially crafted file names successfully evaded encryption for this malware sample.
d9c0e9406b722512df44cebb17c86eb5064420bbea72fa35eda62ac98a591282
Trojan.Win32.DarkNeuron.gen malware creates an IPC pipe with a NULL DACL allowing RW for the Everyone user.
419a95e24053a48a5b8a151771f5d30d68d5dbe8ac113c538ae6b1f007c00d2a
Backdoor.Win32.Serman.a malware suffers from an unauthenticated open proxy vulnerability.
e221bc8a4c226f37e8a799ddd862aa9890e65551bd528db38964e5e344ccb498
Backdoor.Win32.Oblivion.01.a malware suffers from an insecure transit vulnerability due to sending passwords in the clear over the wire.
c9b00ae1cb0d588d2139660e2b1f0d2bffb8cafec26176d718c3f41580dbc52e