
Test ID: 1.3.6.1.4.1.25623.1.0.107306
Category: Malware
Title: Orangeworm Kwampirs Trojan Detection
Summary: The script tries to detect the Orangeworm Kwampirs Trojan via various known Indicators of Compromise (IOC).
Description:
Summary:
The script tries to detect the Orangeworm Kwampirs Trojan via
various known Indicators of Compromise (IOC).

Vulnerability Insight:
The Orangeworm group is using a repurposed Trojan called
Kwampirs to set up persistent remote access after they infiltrate victim organizations. Kwampirs
is not especially stealthy and can be detected using indicators of compromise and activity on
the target system. The Trojan evades hash-based detection by inserting a random string in its
main executable so its hash is different on each system. However, Kwampirs uses consistent
service names, configuration files, and similar payload DLLs on the target machine that can be
used to detect it.

Vulnerability Impact:
Trojan.Kwampirs is a Trojan horse that may open a back door on
the compromised computer. It may also download potentially malicious files.

Affected Software/OS:
All Windows Systems.

Solution:
A full cleanup of the infected system is recommended.

CVSS Score:
10.0

CVSS Vector:
AV:N/AC:L/Au:N/C:C/I:C/A:C

Copyright: Copyright (C) 2018 Greenbone AG
