This site uses cookies to improve your experience. By viewing our content, you are accepting the use of cookies. To help us insure we adhere to various privacy regulations, please select your country/region of residence. If you do not select a country we will assume you are from the United States. View our privacy policy and terms of use.

Remove Backup Remove IPv6 Remove SMB Related Topics
Malware Windows Systems Review Architecture Programming Network Performance Applications Analysis Research More Related Topics >
article thumbnail

MadoMiner Part 2 - Mask

AlienVault

OCTOBER 29, 2018

CVE-2017-0143, SMB exploit. CVE-2017-0146, SMB exploit. Sogou.exe is the payload that contains the CPUInfo scanner, however, it has been set to scan for IPV6 addresses. In addition, in Sogou.exe, MadoMiner appears to search for IPV6 addresses that are vulnerable to EternalBlue, as well as installs some tasks. dll or x64.dll

Malware 40
Malware Windows IPv6 Analysis 40
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

 

Stay Connected

Join 48,000+ Insiders by signing up for our newsletter

About
Webinars
Awards
About
Editions
Webinars
Awards
Editions
Topics
LinkedIn Twitter
Powered by Aggregage | Terms and Conditions | Your California Rights and Privacy Policy
© Aggregage 2024