mydoom | 1d24c7658d65af01b88133712a2c7f42bcf0c6d2643e2d39ef4de7df211ab929

General

Target

1d24c7658d65af01b88133712a2c7f42bcf0c6d2643e2d39ef4de7df211ab929
Size

30KB
MD5

285056cbad0dcaece27396edcb5d0da5
SHA1

68a94cff3802de8d6430838584c231ec46816a4c
SHA256

1d24c7658d65af01b88133712a2c7f42bcf0c6d2643e2d39ef4de7df211ab929
SHA512

a07c4fb3ea2e5ce059a750a1a000412fc020441b002171bc797f6221fe9cdd843a06898d87210ee91d0b8a89ff0347a5babe2aaea895bbec8cc503702bc6b92d
SSDEEP

768:QrE9b+7qJPK+tsh+i5A5HpgCQcljEHV+QaOBIqC9ZyDTLZ3B9:aE9bzBtsh+i5+JgCQkQV5aO8gTLVB9

Score

10^/10

upx mydoom

Detects MyDoom family 1 IoCs

resource	yara_rule
static1/unpack001/2f2a15123167fe5a66aa0e6b7b64f446103711dc24554c352eebc64717e76775	family_mydoom

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
static1/unpack001/2f2a15123167fe5a66aa0e6b7b64f446103711dc24554c352eebc64717e76775	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/2f2a15123167fe5a66aa0e6b7b64f446103711dc24554c352eebc64717e76775

1d24c7658d65af01b88133712a2c7f42bcf0c6d2643e2d39ef4de7df211ab929
.zip

Password: infected
2f2a15123167fe5a66aa0e6b7b64f446103711dc24554c352eebc64717e76775
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE