Overview

overview

10

Static

static

5

fa2666f539...18.exe

windows7-x64

10

fa2666f539...18.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    fa2666f539421b14735e74cf39559c3b_JaffaCakes118

  • Size

    48KB

  • Sample

    241218-fdt2ratmb1

  • MD5

    fa2666f539421b14735e74cf39559c3b

  • SHA1

    420dc46dc5049425e739f9c4657aaff851bed956

  • SHA256

    9f9939cb662d3d3b371fdab0ff129014bf8a229d42684bf157900869e4cca88f

  • SHA512

    a85c46b2cc91b115a0e9468f757bfb9df4da3f3566410b369db75d9d0581cd697dcf21c114d89c1f14a93f4fcc95edcfd2c46f0d4d92ea1f48a6d066045745b4

  • SSDEEP

    768:jv8IRRdsxq1DjJcqOmdGxDOmgd7w0ID9h7my9pNXczhZbloMyl:DxRTsxq1DjCiQhOmgyNH7n9gbloMK

Score
10/10
mydoomdiscoverypersistenceupxworm

Malware Config

Targets

    • Target

      fa2666f539421b14735e74cf39559c3b_JaffaCakes118

    • Size

      48KB

    • MD5

      fa2666f539421b14735e74cf39559c3b

    • SHA1

      420dc46dc5049425e739f9c4657aaff851bed956

    • SHA256

      9f9939cb662d3d3b371fdab0ff129014bf8a229d42684bf157900869e4cca88f

    • SHA512

      a85c46b2cc91b115a0e9468f757bfb9df4da3f3566410b369db75d9d0581cd697dcf21c114d89c1f14a93f4fcc95edcfd2c46f0d4d92ea1f48a6d066045745b4

    • SSDEEP

      768:jv8IRRdsxq1DjJcqOmdGxDOmgd7w0ID9h7my9pNXczhZbloMyl:DxRTsxq1DjCiQhOmgyNH7n9gbloMK

    Score
    10/10
    mydoomdiscoverypersistenceupxworm

    • Detects MyDoom family

    • MyDoom

      MyDoom is a Worm that is written in C++.

      wormmydoom

    • Mydoom family

      mydoom

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

      persistence

    • Drops file in System32 directory

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks