General

  • Target

    W32.MyDoom.A.zip

  • Size

    293KB

  • MD5

    ee70b23f67565ce4822f0f5f8d24525e

  • SHA1

    b7d18219951580dbd9f35d7c547ab65853dcbc76

  • SHA256

    8f78806e212e18346b63aebddef9d4ffdc15e12d6c6485b73353989f382acb88

  • SHA512

    5e616915ba3135b75f12bd3c20fa2c4084903fa955f4ea172e5059d4e717ed5a2184e3d1efacc019f2f9bc4d74848a8b3da888c3d3f01179260d12813becdaa9

  • SSDEEP

    6144:wbcyHrF3W6aYQ5UEL2DJ7ikAjteG/QBfJv6hYRFz6FaqXCwLqbCJ:wbcqBW6aYcKN7ikAjteEKBCyRFz4LSwd

Score
10/10

Malware Config

Signatures

  • Detects MyDoom family 1 IoCs
  • Mydoom family
  • UPX packed file 1 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

  • Unsigned PE 3 IoCs

    Checks for missing Authenticode signature.

Files

  • W32.MyDoom.A.zip
    .zip

    Password: infected

  • Netcraft www_sco_com is a weapon of mass destruction.htm
    .html .js polyglot
  • Netcraft www_sco_com is a weapon of mass destruction_files/n2s.gif
    .gif
  • Netcraft www_sco_com is a weapon of mass destruction_files/netcraft_hunger.gif
    .gif
  • Netcraft www_sco_com is a weapon of mass destruction_files/spdirectory.gif
    .gif
  • Netcraft www_sco_com is a weapon of mass destruction_files/styles-site.css
  • W32.Mydoom.htm
    .html
  • W32.Mydoom2.htm
    .html .js polyglot
  • W32.Mydoom2_files/ads.osdn.gif
    .gif
  • W32.Mydoom2_files/greendot.gif
    .gif
  • W32.Mydoom2_files/pc.gif
    .gif
  • W32.Mydoom2_files/pix.gif
    .gif
  • W32.Mydoom2_files/slc.gif
    .gif
  • W32.Mydoom2_files/title.gif
    .gif
  • W32.Mydoom2_files/topicapmedia.gif
    .gif
  • W32.Mydoom2_files/topicinternet.gif
    .gif
  • W32.Mydoom2_files/topiclinux.gif
    .gif
  • W32.Mydoom2_files/topicnews.gif
    .gif
  • W32.Mydoom2_files/topicscience.gif
    .gif
  • W32.Mydoom2_files/topicspace.gif
    .gif
  • W32.Mydoom_files/arrow.gif
    .gif
  • W32.Mydoom_files/dotted_line.gif
    .gif
  • W32.Mydoom_files/fsc_logo.jpg
    .jpg

    Password: infected

  • W32.Mydoom_files/fsecure.css
  • W32.Mydoom_files/japanese.gif
    .gif
  • W32.Mydoom_files/left_subbuttonbg.gif
    .gif
  • W32.Mydoom_files/main_menu.js
    .js
  • W32.Mydoom_files/main_menu_new.js
    .js
  • W32.Mydoom_files/menu.js
    .js
  • W32.Mydoom_files/mydoom.jpg
    .jpg

    Password: infected

  • W32.Mydoom_files/nav_contact2.gif
    .gif
  • W32.Mydoom_files/nav_legal.gif
    .gif
  • W32.Mydoom_files/nav_privacy.gif
    .gif
  • W32.Mydoom_files/navbar-new.gif
    .gif
  • W32.Mydoom_files/nmydoom.jpg
    .jpg

    Password: infected

  • W32.Mydoom_files/radar-level-1.gif
    .gif
  • W32.Mydoom_files/search-go.gif
    .gif
  • f-mydoom.exe
    .exe windows:4 windows x86 arch:x86

    Password: infected

    5ae4ba3e388eed47486b914aec730602

  • strip-girl-2.0bdcom_patches.exe
    .exe windows:4 windows x86 arch:x86

    Password: infected

  • out.upx
    .exe windows:4 windows x86 arch:x86