Overview

overview

10

Static

static

10

JaffaCakes...b0.exe

windows7-x64

10

JaffaCakes...b0.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    JaffaCakes118_62b90eae8f75c01d328f6eb717b617b0

  • Size

    28KB

  • Sample

    250102-fcdclstnfx

  • MD5

    62b90eae8f75c01d328f6eb717b617b0

  • SHA1

    611ce917e413c97d8f77681a0032a99e6fb56b70

  • SHA256

    41cfee4d6f555e4ff0b9f4f3ae7131ee4ad9215ab488ced7a1e3fce4181a39f5

  • SHA512

    dbb33084a3675a047747d6af89a8077000ec89b7cbf7ed7ffae56ad8326cb5b780e067b5f0719fc43c353e92623603f36e01b52b42b16898ff32591141dc6000

  • SSDEEP

    384:1vxBbK26lj5Id8SpHx9jLhsznnVxA1WmP5w7GGCJlqqwMyN/oY/U:Dv8IRRdsxq1DjJcqfYvU

Score
10/10
mydoomdiscoverypersistenceupxworm

Malware Config

Targets

    • Target

      JaffaCakes118_62b90eae8f75c01d328f6eb717b617b0

    • Size

      28KB

    • MD5

      62b90eae8f75c01d328f6eb717b617b0

    • SHA1

      611ce917e413c97d8f77681a0032a99e6fb56b70

    • SHA256

      41cfee4d6f555e4ff0b9f4f3ae7131ee4ad9215ab488ced7a1e3fce4181a39f5

    • SHA512

      dbb33084a3675a047747d6af89a8077000ec89b7cbf7ed7ffae56ad8326cb5b780e067b5f0719fc43c353e92623603f36e01b52b42b16898ff32591141dc6000

    • SSDEEP

      384:1vxBbK26lj5Id8SpHx9jLhsznnVxA1WmP5w7GGCJlqqwMyN/oY/U:Dv8IRRdsxq1DjJcqfYvU

    Score
    10/10
    mydoomdiscoverypersistenceupxworm

    • Detects MyDoom family

    • MyDoom

      MyDoom is a Worm that is written in C++.

      wormmydoom

    • Mydoom family

      mydoom

    • Executes dropped EXE

    • Adds Run key to start application

      persistence

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks