mydoom | 6f87e8073d666df3cefb36bc68cccec0f8f29d4d6cbffa3942a598ab52ee8d4f | Triage

Submit
Reports

Overview

overview

Static

static

6f87e8073d...fN.exe

windows7-x64

6f87e8073d...fN.exe

windows10-2004-x64

Sharing

General

Target

6f87e8073d666df3cefb36bc68cccec0f8f29d4d6cbffa3942a598ab52ee8d4fN.exe
Size

28KB
Sample

241118-cpcp3a1jhr
MD5

ca91f6768ca4024dd0e08a3078d3a920
SHA1

178fe04ad2669eacb6b5fbb107808fd76fa9048c
SHA256

6f87e8073d666df3cefb36bc68cccec0f8f29d4d6cbffa3942a598ab52ee8d4f
SHA512

0a2f64b0afedaf1affb51c07e0061b400c821776bef9cbc6ccf229972fc60431224c0e93a7680937a1478497acba87d0ca8db24cf63c7855ae2c8c2758135fd4
SSDEEP

384:1vxBbK26lj5Id8SpHx9jLhsznnVxA1WmP5w7GGCJlqqwMyNk:Dv8IRRdsxq1DjJcqfb

Score

10^/10

mydoom discovery persistence upx worm

Static task

static1

4 signatures

Behavioral task

behavioral1

Sample

6f87e8073d666df3cefb36bc68cccec0f8f29d4d6cbffa3942a598ab52ee8d4fN.exe

Resource

win7-20240729-en

mydoom discovery persistence upx worm

windows7-x64

9 signatures

150 seconds

Behavioral task

behavioral2

Sample

6f87e8073d666df3cefb36bc68cccec0f8f29d4d6cbffa3942a598ab52ee8d4fN.exe

Resource

win10v2004-20241007-en

mydoom discovery persistence upx worm

windows10-2004-x64

9 signatures

150 seconds

Malware Config

Targets

- Target
  
  6f87e8073d666df3cefb36bc68cccec0f8f29d4d6cbffa3942a598ab52ee8d4fN.exe
- Size
  
  28KB
- MD5
  
  ca91f6768ca4024dd0e08a3078d3a920
- SHA1
  
  178fe04ad2669eacb6b5fbb107808fd76fa9048c
- SHA256
  
  6f87e8073d666df3cefb36bc68cccec0f8f29d4d6cbffa3942a598ab52ee8d4f
- SHA512
  
  0a2f64b0afedaf1affb51c07e0061b400c821776bef9cbc6ccf229972fc60431224c0e93a7680937a1478497acba87d0ca8db24cf63c7855ae2c8c2758135fd4
- SSDEEP
  
  384:1vxBbK26lj5Id8SpHx9jLhsznnVxA1WmP5w7GGCJlqqwMyNk:Dv8IRRdsxq1DjJcqfb
Score

10^/10

mydoom discovery persistence upx worm
- Detects MyDoom family
- MyDoom
  MyDoom is a Worm that is written in C++.
  worm mydoom
- Mydoom family
  mydoom
- Executes dropped EXE
- Adds Run key to start application
  persistence
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

mydoomdiscoverypersistenceupxworm

behavioral2

mydoomdiscoverypersistenceupxworm

© 2018-2024

Terms | Privacy