General

  • Target

    e570609b422f2c09242c6be03b2e3ab8_JaffaCakes118

  • Size

    31KB

  • Sample

    241212-jzjdxszpcj

  • MD5

    e570609b422f2c09242c6be03b2e3ab8

  • SHA1

    46f417058e6532c3574161376123e8987c77beb9

  • SHA256

    a1b895f44fee22487a96cff3869b506ce4d71fdee289e009443f7d61aea1795a

  • SHA512

    c0a3990a6a5f73a637cfd0bd413fdfbaa973e4184489ce13a080b59eb7fe4d49e990b8c2dda40cb3c5829ffe4f91b08ff37291620106372f3e73edafdefa3124

  • SSDEEP

    768:XYuwqgY48mWxEgfXmBN0ldWxOFfXFQ30ABVv2:XYwIWT+BqldWxUSESv2

Malware Config

Targets

    • Target

      Info.5394.htm .exe

    • Size

      31KB

    • MD5

      47cc271e765e6cdf0562e692ce805b35

    • SHA1

      0f40032c4deeee340b959c919222e255a63e1043

    • SHA256

      de9bf3159bd5a7b663e8d8a4dc9f9dd921c044bf0564a795a085f9b730d0cfb5

    • SHA512

      5ebbd9b7ef65771c9d95ff12c855da7731f5c4831179e0352841876d71236197596b4d75022f9248fe6bb06c5d166735a825f6af002467cffb6a5ed75bfb61a8

    • SSDEEP

      768:OYuwqgY48mWxEgfXmBN0ldWxOFfXFQ30ABVv:OYwIWT+BqldWxUSESv

    • Detects MyDoom family

    • Modifies security service

    • MyDoom

MyDoom is a worm written in C++.

    • Mydoom family

    • ACProtect 1.3x - 1.4x DLL software

      Detects a file protected with the ACProtect packer/protector (versions 1.3x to 1.4x).

    • Loads dropped DLL

    • Adds Run key to start application

    • Drops file in System32 directory

    • UPX packed file

      Detects executables packed with UPX or with a modified build of the open-source UPX packer.
