Home / os / winmobile

Backdoor.Win32.Agent.ju (PSYRAT) MVID-2024-0677 Bypass / Command Execution

Posted on 03 April 2024

The PsyRAT 0.01 malware listens on random high TCP ports 53297, 53211, 532116 and so forth. Connecting to an infected host returns a logon prompt for PASS. However, you can enter anything or nothing at all and execute commands made available by the backdoor.

 

TOP