General
-
Target
SSFBot.exe
-
Size
70KB
-
MD5
40aa4ba1deb7c46270f0d2ec9a784976
-
SHA1
ede111baba06ef040c72908d1005a5a29b5efea7
-
SHA256
905677ccc4c2f554c7cb802a0c3f0e6c854f21117099be17d43b53ac0b731d5b
-
SHA512
68765745510ba1517ec8b36efa69e97f320008e03449f1d14461ab6e46d083547ade79eaffd27962970cd3c33396fb9b0414aaeb037e17a22db25c0efa6f1960
-
SSDEEP
1536:HTfvt0G7yfDsB/hDQ/FXb7X6OYCtCE2A5miOz5mlKY6yP:zXN7JDQdXb7NYCtfH/OslKYPP
Malware Config
Extracted
xworm
ways-examining.at.ply.gg:18120
-
install_file
USB.exe
Signatures
-
Xworm family
Files
-
SSFBot.exe.exe windows x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 68KB - Virtual size: 67KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ