Mydoom (My favorites)[.]zip

Sharing

Copy URL Twitter E-mail

General

Target

Mydoom (My favorites).zip
Size

1.1MB
MD5

75dcb9c906ad0947434c82017da95a0f
SHA1

42bca60050d2960755eba2b2b43a5592e417a27f
SHA256

1b853025ff1d266a93c66d668370b7d5401754136dd2d94d8d3fd54e09a2a767
SHA512

b627bf068e0214f58e0d4e0258050ac6f320136882952669c1124faf4e37049e7762e257e26ebebec8ce8a159cae4116222ee936f16f18e67ad03a61607640cf
SSDEEP

24576:oUajVDZi93aJjCcq8RjHpbpubban/E4YmmuHzI6:NaxDZwa5CeHpbpFns4tm+h

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 4 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
static1/unpack001/Mydoom (My favorites)/0b75e2fadffc45dff940e58f5b6f8d99832426bb880f432f98d853308b29c9c5.exe	upx
static1/unpack001/Mydoom (My favorites)/1fe99fb7c527a90826896e695f23e712375358df3c7aa9163af6b96d872a9f81.exe	upx
static1/unpack001/Mydoom (My favorites)/c03431309015563257e5e118656d07ce136f151339054b9f66894ecf9dde9aef.exe	upx
static1/unpack001/Mydoom (My favorites)/c45a330cf80c33977658649596d4867301e928381c5fc37ec3edabfad2251324.exe	upx

Unsigned PE 5 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Mydoom (My favorites)/0b75e2fadffc45dff940e58f5b6f8d99832426bb880f432f98d853308b29c9c5.exe
unpack001/Mydoom (My favorites)/1fe99fb7c527a90826896e695f23e712375358df3c7aa9163af6b96d872a9f81.exe
unpack003/out.upx
unpack001/Mydoom (My favorites)/c03431309015563257e5e118656d07ce136f151339054b9f66894ecf9dde9aef.exe
unpack001/Mydoom (My favorites)/c45a330cf80c33977658649596d4867301e928381c5fc37ec3edabfad2251324.exe

Files

Mydoom (My favorites).zip
.zip
Mydoom (My favorites)/0b75e2fadffc45dff940e58f5b6f8d99832426bb880f432f98d853308b29c9c5.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Sections

UPX0
Size: - Virtual size: 224KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 83KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX2
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Mydoom (My favorites)/1fe99fb7c527a90826896e695f23e712375358df3c7aa9163af6b96d872a9f81.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 24KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 17KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 30KB - Virtual size: 30KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Mydoom (My favorites)/c03431309015563257e5e118656d07ce136f151339054b9f66894ecf9dde9aef.exe
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 48KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 853KB - Virtual size: 856KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Mydoom (My favorites)/c45a330cf80c33977658649596d4867301e928381c5fc37ec3edabfad2251324.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 32KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 512B - Virtual size: 511B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Sections

UPX0 Size: - Virtual size: 224KB

UPX1 Size: 83KB - Virtual size: 84KB

UPX2 Size: 512B - Virtual size: 4KB

Headers

File Characteristics

Sections

UPX0 Size: - Virtual size: 24KB

UPX1 Size: 17KB - Virtual size: 20KB

.rsrc Size: 2KB - Virtual size: 4KB

Headers

File Characteristics

Sections

.text Size: 30KB - Virtual size: 30KB

.rsrc Size: 1KB - Virtual size: 1KB

Headers

DLL Characteristics

File Characteristics

Sections

UPX0 Size: - Virtual size: 48KB

UPX1 Size: 853KB - Virtual size: 856KB

.rsrc Size: 1KB - Virtual size: 4KB

Headers

File Characteristics

Sections

UPX0 Size: - Virtual size: 32KB

UPX1 Size: 24KB - Virtual size: 24KB

.rsrc Size: 2KB - Virtual size: 4KB

.text Size: 512B - Virtual size: 511B

UPX0
Size: - Virtual size: 224KB

UPX1
Size: 83KB - Virtual size: 84KB

UPX2
Size: 512B - Virtual size: 4KB

UPX0
Size: - Virtual size: 24KB

UPX1
Size: 17KB - Virtual size: 20KB

.rsrc
Size: 2KB - Virtual size: 4KB

.text
Size: 30KB - Virtual size: 30KB

.rsrc
Size: 1KB - Virtual size: 1KB

UPX0
Size: - Virtual size: 48KB

UPX1
Size: 853KB - Virtual size: 856KB

.rsrc
Size: 1KB - Virtual size: 4KB

UPX0
Size: - Virtual size: 32KB

UPX1
Size: 24KB - Virtual size: 24KB

.rsrc
Size: 2KB - Virtual size: 4KB

.text
Size: 512B - Virtual size: 511B