Overview

overview

10

Static

static

10

126.exe

windows7-x64

10

126.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    JaffaCakes118_6013fd78dad419a38a3d501a9da8d290

  • Size

    47KB

  • Sample

    250101-xfczpaxrfw

  • MD5

    6013fd78dad419a38a3d501a9da8d290

  • SHA1

    73c13ed2835f4dabc1308ea01b89a7a2831c525d

  • SHA256

    4b1eb58a838d56021099d00c05b8abf227d71dbbb7ec4af26d599f1ee0f36f59

  • SHA512

    61826d433391b493cb1b4a65f3e85c1307d2cb2461c67d6fc900a8ee3bcffd02dbf92e356b5cec67e0077ada052a0fdad02cecb8c0e9be8fdc45e9d6b9047ad8

  • SSDEEP

    768:MCIqdH/k1ZVcT194jp4GiiJa3wPGLzrJ7+FCszjSU4nbGG3dGv8U:MNqaLV8a6Gi8mwMMPl0GG3dGv8U

Score
10/10
mydoomdiscoverypersistenceupxworm

Malware Config

Targets

    • Target

      126.com

    • Size

      47KB

    • MD5

      d4e75824dc34bc39579ff8ed43d599c5

    • SHA1

      29c9ee5ec75a2ac198822141e4dd8be578306645

    • SHA256

      39af4dbf7a2561059f5b90749284a82c4a3b34545d9db19329fd29041fa05650

    • SHA512

      bb8bf9febe3c9a420d8c9c083e241ca440b11e109e78ae52acc2cc1394b6d376014453c2911d479078eda18eba1d561f59f37a7245be0d65d5d069809d03cf6d

    • SSDEEP

      768:SCIqdH/k1ZVcT194jp4GiiJa3wPGLzrJ7+FCszjSU4nbGG3dGv8J:SNqaLV8a6Gi8mwMMPl0GG3dGv8J

    Score
    10/10
    mydoomdiscoverypersistenceupxworm

    • Detects MyDoom family

    • MyDoom

      MyDoom is a Worm that is written in C++.

      wormmydoom

    • Mydoom family

      mydoom

    • Adds Run key to start application

      persistence

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks