CVE-2023-36025

Malware that we analyzed on our site.

Malware-Sample PASS is: infected Xdr33 SHA256: f78075951f0272020ca33fee78c3cf9007a0db1842af5cd0eeab518ccc915b16 POST delluxexe SHA256: 67c911510e257b341be77bc2a88cedc99ace2af852f7825d9710016619875e80 POST TrickGate SHA256: fddea1265c29e98f5b679ff034f27124b688f03f2d4c72442ce5f358ddd3eff0 SHA256: 81adbb94cf5758852ad9d3e7ba4d958b1943715c3837074c7fcaeeee22aadb7b SHA256: 6c0f5

This is the code for the following assignment: Write a program targeting the following user behavior: downloading and running an executable file, for example, in a social engineering style cyberattack The program should have several mandatory features: Antivirus evasion against any EDR, including an enterprise EDR at the time, which was early 2022 Silent, in-memory privilege

Quick test for CVE-2023-26025 behaviours

CVE-2023-36025 Simple test for CVE-2023-36025, based on PoC demoed in twittercom/wdormann/status/1725148437115473947 This code is not meant to run out of the box - the ZIP file must be hosted on a server you own, and be accesible to the victim machine on a file:// URL

Windows SmartScreen Security Feature Bypass Vulnerability

[EXPLOIT] CVE-2023-36025 - Description Windows SmartScreen Security Feature Bypass Vulnerability Usage NOTE handler waiting for tcp request for target PS configure CVE-2023-36025vbs file to change the ip and port to machine ip and port that is being used for the TCP handler configure reverse TCP handler msfconsole use exploit/multi/handler set payload windows/shell_reverse_t

This is the code for the following assignment: Write a program targeting the following user behavior: downloading and running an executable file, for example, in a social engineering style cyberattack The program should have several mandatory features: Antivirus evasion against any EDR, including an enterprise EDR at the time, which was early 2022 Silent, in-memory privilege