MadoMiner Part 2 - Mask
AlienVault
OCTOBER 29, 2018
In addition, take care with this portion of the malware.

Malware Analysis

Sogou.exe is the payload that contains the CPUInfo scanner; however, it has been set to scan for IPv6 addresses. In Sogou.exe, MadoMiner also appears to search for IPv6 addresses that are vulnerable to EternalBlue, and it installs some tasks.