Overview

overview

10

Static

static

10

e2782725ff...18.exe

windows7-x64

10

e2782725ff...18.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    e2782725ff19b07aff77868dbdc744da_JaffaCakes118

  • Size

    28KB

  • Sample

    240915-phra4athjj

  • MD5

    e2782725ff19b07aff77868dbdc744da

  • SHA1

    e95a23354ea5dcef1e548bda4bf698f0e263ddd7

  • SHA256

    9db116ab607dd6c2774018c2fc200fcabb53c1ee1f07b9be7ea6be56f2efe00d

  • SHA512

    d642d6797cdfc8d4db4f264799c6fb95ca7dcc28fddde8d838b4929f0963bc02537ac4019fe905eedb70308ba124e9dc9517be7f6fbf26dc8f30ca2627c26de5

  • SSDEEP

    384:1vxBbK26lj5Id8SpHx9jLhsznnVxA1WmP5w7GGCJlqqwMyNzdpN:Dv8IRRdsxq1DjJcqfSdpN

Score
10/10
mydoomdiscoverypersistenceupxworm

Malware Config

Targets

    • Target

      e2782725ff19b07aff77868dbdc744da_JaffaCakes118

    • Size

      28KB

    • MD5

      e2782725ff19b07aff77868dbdc744da

    • SHA1

      e95a23354ea5dcef1e548bda4bf698f0e263ddd7

    • SHA256

      9db116ab607dd6c2774018c2fc200fcabb53c1ee1f07b9be7ea6be56f2efe00d

    • SHA512

      d642d6797cdfc8d4db4f264799c6fb95ca7dcc28fddde8d838b4929f0963bc02537ac4019fe905eedb70308ba124e9dc9517be7f6fbf26dc8f30ca2627c26de5

    • SSDEEP

      384:1vxBbK26lj5Id8SpHx9jLhsznnVxA1WmP5w7GGCJlqqwMyNzdpN:Dv8IRRdsxq1DjJcqfSdpN

    Score
    10/10
    mydoomdiscoverypersistenceupxworm

    • Detects MyDoom family

    • MyDoom

      MyDoom is a Worm that is written in C++.

      wormmydoom

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks