all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Trojan.Ransom.Ryuk.A MVID-2022-0640 Code Execution

Add to bookmarks
Sept. 20, 2022, 1:53 p.m. |

Packet Storm packetstormsecurity.com

Trojan.Ransom.Ryuk.A ransomware looks for and executes DLLs in its current directory. Therefore, we can potentially hijack a DLL, execute our own code, and control and terminate the malware pre-encryption. Once loaded the exploit dll will check if the current directory is "C:\Windows\System32" and if not, we grab our process ID and terminate. All basic tests were conducted successfully in a virtual machine environment.

code code execution ransom ryuk trojan

Visit resource

More from packetstormsecurity.com / Packet Storm

Debian Security Advisory 5665-1 4 days, 15 hours ago | packetstormsecurity.com
advisory debian debian linux security engine +7
Debian Security Advisory 5664-1 4 days, 15 hours ago | packetstormsecurity.com
advisory attackers can clients +20
Elber Wayber Analog/Digital Audio STL 4.00 Insecure Direct Object Reference 4 days, 15 hours ago | packetstormsecurity.com
audio client client-side configuration +11
Elber Wayber Analog/Digital Audio STL 4.00 Authentication Bypass 4 days, 15 hours ago | packetstormsecurity.com
access attackers audio authentication +15
Elber ESE DVB-S/S2 Satellite Receiver 1.5.x Insecure Direct Object Reference 4 days, 15 hours ago | packetstormsecurity.com
client client-side configuration device +12
Elber ESE DVB-S/S2 Satellite Receiver 1.5.x Authentication Bypass 4 days, 15 hours ago | packetstormsecurity.com
access attackers authentication authentication bypass +16
Elber Reble610 M/ODU XPIC IP-ASI-SDH Microwave Link Insecure Direct Object Reference 4 days, 15 hours ago | packetstormsecurity.com
client client-side configuration device +10
Elber Reble610 M/ODU XPIC IP-ASI-SDH Microwave Link Authentication Bypass 4 days, 15 hours ago | packetstormsecurity.com
access attackers authentication authentication bypass +14
Elber Cleber/3 Broadcast Multi-Purpose Platform 1.0.0 Insecure Direct Object Reference 4 days, 15 hours ago | packetstormsecurity.com
1.0.0 broadcast client client-side +14

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Information Security Engineers

@ D. E. Shaw Research | New York City
View on infosec-jobs.com

L2-Network Security Administrator

@ Kyndryl | KIN51515 Mumbai (KIN51515) We Work
View on infosec-jobs.com

Head of Cybersecurity Advisory and Architecture

@ CMA CGM | Marseille, FR
View on infosec-jobs.com

Systems Engineers/Cyber Security Engineers/Information Systems Security Engineer

@ KDA Consulting Inc | Herndon, Virginia, United States
View on infosec-jobs.com

R&D DevSecOps Staff Software Development Engineer 1

@ Sopra Steria | Noida, Uttar Pradesh, India
View on infosec-jobs.com
View more jobs