Overview

overview

10

Static

static

10

message.htm.exe

windows7-x64

10

message.htm.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    JaffaCakes118_0156a4bec40a3c469dbd17d65f2f48b0

  • Size

    28KB

  • Sample

    241231-c45z6asqes

  • MD5

    0156a4bec40a3c469dbd17d65f2f48b0

  • SHA1

    270a9fd97ca8a41b17971fb0e56eeddf473b3790

  • SHA256

    25940302c7a09f3a28622be2ac475615031d5222c46c5be3dcded5eb4d6b2353

  • SHA512

    f936011d36ff0b041304d2bda0c520ea484bf993451d1514730e49ed53d4716638b8816f62a50f5fc19142b683476e2f2e4f3f109e3e9f80155c45e99f6c03e8

  • SSDEEP

    384:RvxBbK26lj5Id8SpHx9jLhsznnVxA1WmP5w7GGCJlqqwMyNySOT:3v8IRRdsxq1DjJcqfUOT

Score
10/10
mydoomdiscoverypersistenceupxworm

Malware Config

Targets

    • Target

      message.htm .pif

    • Size

      28KB

    • MD5

      114fbe230bfd147d05fcafbf7cd22ede

    • SHA1

      3595cd4e3ce3752296d8c466a7d9c240f0401b39

    • SHA256

      f33dc2556ec5c4ec048951b7d1d366fe9c225f9a66e63263c54fed9bb3bcb680

    • SHA512

      a7b31d95664a803ca6c1afb6170ba3c9a25d5c945335657f2b7b24c3e421328d1d8daf1c6a0b2079b39358147314b06b401dedb2ceb618a45195b6eb84b136fb

    • SSDEEP

      384:1vxBbK26lj5Id8SpHx9jLhsznnVxA1WmP5w7GGCJlqqwMyNySOu:Dv8IRRdsxq1DjJcqfUOu

    Score
    10/10
    mydoomdiscoverypersistenceupxworm

    • Detects MyDoom family

    • MyDoom

      MyDoom is a Worm that is written in C++.

      wormmydoom

    • Mydoom family

      mydoom

    • Executes dropped EXE

    • Adds Run key to start application

      persistence

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks