Read Time:20 Second
Posted by malvuln on Apr 14
Discovery / credits: Malvuln – malvuln.com (c) 2022
Original source:
https://malvuln.com/advisory/9f39606d9e19771af5acc6811ccf557f.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln
Threat: Backdoor.Win32.NinjaSpy.c
Vulnerability: Authentication Bypass
Description: The malware listens on TCP ports 2003, 2004 and drops a PE
file named “cmd.dll” under Windows dir. Connecting to port 2003, you will
get back a number…