
Test ID: 1.3.6.1.4.1.25623.1.0.107306
Category: Malware
Title: Orangeworm Kwampirs Trojan Detection
Summary: The script tries to detect the Orangeworm Kwampirs Trojan via various known Indicators of Compromise (IOC).
Description:
Summary:
The script tries to detect the Orangeworm Kwampirs Trojan via various known Indicators of Compromise (IOC).

Vulnerability Insight:
The Orangeworm group is using a repurposed Trojan called Kwampirs to set up persistent remote access after they infiltrate victim organizations. Kwampirs is not especially stealthy and can be detected using indicators of compromise and activity on the target system. The Trojan evades hash-based detection by inserting a random string in its main executable so its hash is different on each system. However, Kwampirs uses consistent service names, configuration files, and similar payload DLLs on the target machine that can be used to detect it.

Vulnerability Impact:
Trojan.Kwampirs is a Trojan horse that may open a back door on the compromised computer. It may also download potentially malicious files.

Affected Software/OS:
All Windows Systems.

Solution:
A complete cleanup of the infected system is recommended.

CVSS Score:
10.0

CVSS Vector:
AV:N/AC:L/Au:N/C:C/I:C/A:C

Copyright: Copyright (C) 2018 Greenbone Networks GmbH





© 1998-2022 E-Soft Inc. All rights reserved.