Backdoor.Win32.Wollf.16 Hardcoded Password
Posted by deepcore on January 26, 2021 – 8:30 am
Backdoor.Win32.Wollf.16 malware creates and runs a service named contime.exe with SYSTEM integrity and listens on port 5240. The malware uses a weak hardcoded password of 12345678 which can easily be viewed in the binary using strings utility.
Post a reply
You must be logged in to post a comment.