Category Archives: Advisories

Trojan.Win32.Autoit.fhj / Named Pipe Null DACL

Read Time:19 Second

Posted by malvuln on Sep 08

Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2022
Original source:
https://malvuln.com/advisory/d871836f77076eeed87eb0078c1911c7_B.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: Trojan.Win32.Autoit.fhj
Vulnerability: Named Pipe Null DACL
Family: Autoit
Type: PE32
MD5: d871836f77076eeed87eb0078c1911c7
Vuln ID: MVID-2022-0638
Disclosure: 09/06/2022
Description: The malware creates two processes…

Read More

Trojan-Ransom.Win32.Hive.bv / Arbitrary Code Execution

Read Time:20 Second

Posted by malvuln on Sep 08

Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2022
Original source:
https://malvuln.com/advisory/44aba241dd3f0d156c6ed82a0ab3a9e1.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: Trojan-Ransom.Win32.Hive.bv
Vulnerability: Arbitrary Code Execution
Description: Hive Ransomware will load and execute arbitrary .EXE PE files
if a third-party adversary or defender uses the vulnerable naming
convention of…

Read More

Trojan-Spy.Win32.Pophot.bsl / Insecure Permissions

Read Time:20 Second

Posted by malvuln on Sep 08

Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2022
Original source:
https://malvuln.com/advisory/8c0e6ec6b8ac9eb1169e63df71f24456.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: Trojan-Spy.Win32.Pophot.bsl
Vulnerability: Insecure Permissions
Description: The malware writes a BATCH file “.bat” to c drive granting
change (C) permissions to the authenticated user group. Standard users can
rename the…

Read More