Overview

overview

3

Static

static

3

ASPRedirec...er.asp

windows7-x64

3

ASPRedirec...er.asp

windows10-2004-x64

3

ASPRedirec...ug.asp

windows7-x64

3

ASPRedirec...ug.asp

windows10-2004-x64

3

ASPRedirec...me.asp

windows7-x64

3

ASPRedirec...me.asp

windows10-2004-x64

3

ASPRedirec...st.asp

windows7-x64

3

ASPRedirec...st.asp

windows10-2004-x64

3

ASPRedirec...in.asp

windows7-x64

3

ASPRedirec...in.asp

windows10-2004-x64

3

ASPRedirec...me.asp

windows7-x64

3

ASPRedirec...me.asp

windows10-2004-x64

3

ASPRedirec...fo.asp

windows7-x64

3

ASPRedirec...fo.asp

windows10-2004-x64

3

Linux/wnserver

ubuntu-18.04-amd64

ServerLobb...st.htm

windows7-x64

1

ServerLobb...st.htm

windows10-2004-x64

1

ServerLobb...st.htm

windows7-x64

1

ServerLobb...st.htm

windows10-2004-x64

1

Source/Data.js

windows7-x64

1

Source/Data.js

windows10-2004-x64

1

Source/FakeWinSock.js

windows7-x64

1

Source/FakeWinSock.js

windows10-2004-x64

1

WNServer.exe

windows7-x64

1

WNServer.exe

windows10-2004-x64

1

wwwroot/index.html

windows7-x64

1

wwwroot/index.html

windows10-2004-x64

1

Sharing

Copy URL Twitter E-mail

General

  • Target

    57da06a858ba676473ffe63a19beccd9

  • Size

    482KB

  • MD5

    57da06a858ba676473ffe63a19beccd9

  • SHA1

    761286412108cc7e7559b0b6549f7ee14bf02366

  • SHA256

    2e36f242751acbd0147fab31d4cc3905306a868f6ea8412c4194993797f0d9d5

  • SHA512

    e53ad3ec31ed204b707aa91906c128344beef51e8613f3ba391e96981e76e497dab0ada049561bfb750a01e726ca0d4bbe097fa5f9e101c2b1721abb4be414e1

  • SSDEEP

    12288:wbH+2I7ksOct5TTHcH+ROiuaJ3ju8FUdGPP5Bo0TS65:wcksht5TTkV+juWP5BoM

Score
3/10

Malware Config

Signatures

  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 57da06a858ba676473ffe63a19beccd9
    .zip
  • ASPRedirect/readme.txt
  • ASPRedirect/wormageddonweb/Forwarder.asp
  • ASPRedirect/wormageddonweb/Forwarder_debug.asp
  • ASPRedirect/wormageddonweb/Game.asp
  • ASPRedirect/wormageddonweb/GameList.asp
  • ASPRedirect/wormageddonweb/Login.asp
  • ASPRedirect/wormageddonweb/RequestChannelScheme.asp
  • ASPRedirect/wormageddonweb/UpdatePlayerInfo.asp
  • EventLog.log
  • Linux/Linux.txt
  • Linux/wnserver
    .elf linux x86
  • ServerLobby/ServerList.htm
  • ServerLobby/WormsML/ColorTest.htm
  • ServerLobby/WormsML/ColorTest.png
    .png
  • ServerLobby/WormsML/colors.txt
  • Source/Base.pas
  • Source/Data.pas
    .js
  • Source/FakeWinSock.pas
    .js
  • Source/HTTPServer.pas
  • Source/IRCServer.pas
  • Source/WNServer.dpr
  • Source/WNServer.drc
  • Source/WNServer.map
  • Source/WinSockCodes.inc
  • Source/WormNATServer.pas
  • Source/mime.inc
  • Source/motd_team17.txt
  • WNServer.exe
    .exe windows:4 windows x86 arch:x86

    8f50c73af32da6e3625511cd8960284f


    Headers

    Imports

    Sections

  • WNServer.ini
  • WNServer.log
  • motd.txt
  • wwwroot/index.html