Overview

overview

10

Static

static

10

ea803b7247...18.exe

windows7-x64

10

ea803b7247...18.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    ea803b724717981be5a02af1a9ecab3f_JaffaCakes118

  • Size

    28KB

  • Sample

    240919-d1qazayflp

  • MD5

    ea803b724717981be5a02af1a9ecab3f

  • SHA1

    c8760f794c14fcd54e62a3b2db85747422974bfb

  • SHA256

    cf3a8415c3e887143813b0a9b1a423f10cdf4781376b4113b128dea7cba0b461

  • SHA512

    bbfc27fe093ecf8d7a1ff6f1061600fff0253464835bb5f35ab8abbe71871abdbde9d031a912187ddf9d5c4fadaf38ce33cbba77a9f75c06a228d250a0da3433

  • SSDEEP

    384:1vxBbK26lj5Id8SpHx9jLhsznnVxA1WmP5w7GGCJlqqwMyNG5uu:Dv8IRRdsxq1DjJcqf1

Score
10/10
mydoomdiscoverypersistenceupxworm

Malware Config

Targets

    • Target

      ea803b724717981be5a02af1a9ecab3f_JaffaCakes118

    • Size

      28KB

    • MD5

      ea803b724717981be5a02af1a9ecab3f

    • SHA1

      c8760f794c14fcd54e62a3b2db85747422974bfb

    • SHA256

      cf3a8415c3e887143813b0a9b1a423f10cdf4781376b4113b128dea7cba0b461

    • SHA512

      bbfc27fe093ecf8d7a1ff6f1061600fff0253464835bb5f35ab8abbe71871abdbde9d031a912187ddf9d5c4fadaf38ce33cbba77a9f75c06a228d250a0da3433

    • SSDEEP

      384:1vxBbK26lj5Id8SpHx9jLhsznnVxA1WmP5w7GGCJlqqwMyNG5uu:Dv8IRRdsxq1DjJcqf1

    Score
    10/10
    mydoomdiscoverypersistenceupxworm

    • Detects MyDoom family

    • MyDoom

      MyDoom is a Worm that is written in C++.

      wormmydoom

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks