Read Time:20 Second
Posted by malvuln on May 07
Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2022
Original source:
https://malvuln.com/advisory/46bfd4f1d581d7c0121d2b19a005d3df.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln
Threat: Ransom.Satana
Vulnerability: Code Execution
Description: Satana searches for and loads a DLL named “wow64log.dll” in
WindowsSystem32. Therefore, we can drop our own DLL to intercept and
terminate the malware pre-encryption….