Read Time:20 Second
Posted by malvuln on Apr 27
Discovery / credits: Malvuln – malvuln.com (c) 2022
Original source:
https://malvuln.com/advisory/f15d05f74899324ecb61ee29ad162fad.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln
Threat: Trojan-Banker.Win32.Banker.heq
Vulnerability: Insecure Permissions
Description: The malware writes a BAT script file with insecure permissions
to c drive granting change (C) permissions to the authenticated user group.
Standard users can rename…