Read Time:20 Second
Posted by malvuln on May 05
Discovery / credits: Malvuln – (John Page – aka hyp3rlinx) (c) 2022
Original source:
https://malvuln.com/advisory/4c5c1731481ea8d67ef6076810c49e00.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln
Threat: REvil.Ransom
Vulnerability: Code Execution
Description: REvil looks for and executes DLLs in its current directory.
Therefore, we can hijack a vuln DLL, execute our own code, control and
terminate the malware pre-encryption. The…