Read Time:21 Second

Posted by malvuln on Apr 07

Discovery / credits: Malvuln – malvuln.com (c) 2022
Original source:
https://malvuln.com/advisory/3b5564e88a0b8a41e4fd730891e635cc.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: Backdoor.Win32.Easyserv.11.c
Vulnerability: Insecure Transit
Description: The malware makes outbound C2 connection to TCP port 5558.
Credentials are sent over the network in plaintext and the payload looks
exactly like that used by XLog malware…

Read More