Avast WEBforum

Other => Viruses and worms => Topic started by: polonus on August 06, 2022, 10:20:18 PM

Title: Is this remote access trojan detected?
Post by: polonus on August 06, 2022, 10:20:18 PM: See: https://urlhaus.abuse.ch/url/2267409/
The malware detected is being detected as njRAT

For detection see: https://www.virustotal.com/gui/url/6d2faa8f8472d39ef168e3233569ed42a6cd484592c914cb378a461d36c4b4d2/details

Among those that do not detect is sucuri's: https://sitecheck.sucuri.net/results/https/wtools.io/paste-code/bDTb

Medium risk and cookie settings error given here:
Insecure cookie setting: missing Secure flag
Confirmed
Collapse panel
URL
htxps://wtools.io/paste-code/bDTb
COOKIE NAME
_csrf-frontend
EVIDENCE
Set-Cookie: _csrf-frontend=e70a5dbbfd9a3d849f9648a72832a3118dbf6dee1beab39ba63bb3ca3a31108ea%3A2%3A%7Bi%3A0%3Bs%3A14%3A%22_csrf-frontend%22%3Bi%3A1%3Bs%3A32%3A%22ZoWKzryhVZ1q3TZMMe5ZXaFOwb3mNar6%22%3B%7D; path=/; samesite=Lax

polonus

SMF 2.0.18 | SMF © 2015, Simple Machines