Analysis

  • max time kernel
    119s
  • max time network
    119s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240903-en, locale:en-us, os:windows7-x64, system
  • submitted
    17-12-2024 00:55

General

  • Target

    d8b072e2117ee2165b02578501bf680003ed28ba175a376463e1812cd7156f4aN.exe

  • Size

    37KB

  • MD5

    0cd8c990d3d12dc6f03dc9b53ff50bf0

  • SHA1

    897cdd56acffdb40bb4025256f85be761a0c0ff0

  • SHA256

    d8b072e2117ee2165b02578501bf680003ed28ba175a376463e1812cd7156f4a

  • SHA512

    ab6f8b80b03d74d85d309bb5287fbf80c36671bbdf947338694fa145934abf3d4b2975ba635936ad3516fbd8dc92ab15ce4a042b00f2e9e4d4899a71dbe61e46

  • SSDEEP

    768:eEU07c92/EyTAYtxqfGNC0klI7C8yOvi3eOrjs:eg7wc1aGNC0klI7CPN3vns

Malware Config

Signatures

  • Detects MyDoom family 2 IoCs
  • MyDoom

    MyDoom is a Worm that is written in C++.

  • Mydoom family
  • Adds Run key to start application 2 TTPs 1 IoCs
  • Drops file in Windows directory 2 IoCs
  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.

Processes

  • C:\Users\Admin\AppData\Local\Temp\d8b072e2117ee2165b02578501bf680003ed28ba175a376463e1812cd7156f4aN.exe
    "C:\Users\Admin\AppData\Local\Temp\d8b072e2117ee2165b02578501bf680003ed28ba175a376463e1812cd7156f4aN.exe"
    1⤵
    • Adds Run key to start application
    • Drops file in Windows directory
    • System Location Discovery: System Language Discovery
    PID:2176

Network

  • 15.237.16.68:1042
    d8b072e2117ee2165b02578501bf680003ed28ba175a376463e1812cd7156f4aN.exe
    152 B
    3
  • 63.124.79.254:1042
    d8b072e2117ee2165b02578501bf680003ed28ba175a376463e1812cd7156f4aN.exe
    152 B
    3
  • 15.237.26.136:1042
    d8b072e2117ee2165b02578501bf680003ed28ba175a376463e1812cd7156f4aN.exe
    152 B
    3
  • 141.240.207.197:1042
    d8b072e2117ee2165b02578501bf680003ed28ba175a376463e1812cd7156f4aN.exe
    152 B
    3
  • 158.164.35.236:1042
    d8b072e2117ee2165b02578501bf680003ed28ba175a376463e1812cd7156f4aN.exe
    152 B
    3
  • 66.245.106.88:1042
    d8b072e2117ee2165b02578501bf680003ed28ba175a376463e1812cd7156f4aN.exe
    152 B
    3

MITRE ATT&CK Enterprise v15

Downloads

  • memory/2176-0-0x0000000000800000-0x000000000080A000-memory.dmp

    Filesize

    40KB

  • memory/2176-3-0x0000000000800000-0x000000000080A000-memory.dmp

    Filesize

    40KB
