mydoom | b84f9d4d94d907e47b84beff70d6be166bb7bffd774d3c7152da0becd728389f | Triage

Submit
Reports

Overview

overview

Static

static

dwmmoowmbkz.exe

windows7-x64

dwmmoowmbkz.exe

windows10-2004-x64

Sharing

General

Target

JaffaCakes118_69bd55618cab31aa8bac91bb83e66270
Size

51KB
Sample

250103-c64j4syqdl
MD5

69bd55618cab31aa8bac91bb83e66270
SHA1

9534933f89f18d0be30054149d6d1df78b6cb72d
SHA256

b84f9d4d94d907e47b84beff70d6be166bb7bffd774d3c7152da0becd728389f
SHA512

8051fec1f69f7ce1d54996b193bd973c07131939b78094fd55492324410da58546053531e1d7267ccc8b8eb8943a4c2db924468ff8560feb437cf6161bef865a
SSDEEP

1536:fe8SMuDd+fK3F6Xs6XdodKA7Dk/Ht0fantpj7P:feRrAVAPkisHT

Score

10^/10

mydoom discovery persistence upx worm

Static task

static1

4 signatures

Behavioral task

behavioral1

Sample

dwmmoowmbkz.exe

Resource

win7-20240708-en

mydoom discovery persistence upx worm

windows7-x64

11 signatures

150 seconds

Behavioral task

behavioral2

Sample

dwmmoowmbkz.exe

Resource

win10v2004-20241007-en

mydoom discovery persistence upx worm

windows10-2004-x64

12 signatures

150 seconds

Malware Config

Targets

- Target
  
  dwmmoowmbkz.exe
- Size
  
  51KB
- MD5
  
  f217b9268597022851016736519f50c6
- SHA1
  
  ea10562fbb5232d6a39a1c7c021f3820281f606b
- SHA256
  
  f92908b7940b96d47a62a404a08828aae33a44674ed98124db287d18da54dff4
- SHA512
  
  06b2b2dd58ad8a4bdd14655fdb6c3a05ca5fa25543bd455d3122398f9eccf4c8580b23f934d19378fbc82a86bf4886577f3144ce498888dd416a096ae16a6f8b
- SSDEEP
  
  1536:ae8SMuDd+fK3F6Xs6XdodKA7Dk/Ht0fantpj7B:aeRrAVAPkisHN
Score

10^/10

mydoom discovery persistence upx worm
- Detects MyDoom family
- MyDoom
  MyDoom is a Worm that is written in C++.
  worm mydoom
- Mydoom family
  mydoom
- ACProtect 1.3x - 1.4x DLL software
  Detects file using ACProtect software.
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Drops file in System32 directory
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

mydoomdiscoverypersistenceupxworm

behavioral2

mydoomdiscoverypersistenceupxworm

© 2018-2025

Terms | Privacy