General
-
Target
a177a27023d435cd8caf075b22656406bf3e3ecef80fa5f8339e3cb804e392a0.exe
-
Size
29KB
-
Sample
250111-vj5srswqfk
-
MD5
5c99b380f17e389ee4a50b1b79a8c45f
-
SHA1
bc037b40c11d23623f9c42a33aa2a8b20a597310
-
SHA256
a177a27023d435cd8caf075b22656406bf3e3ecef80fa5f8339e3cb804e392a0
-
SHA512
4c0e4ae9ee9b2e7162f4ebe4d4416c134e6929b10c1d515fd3203a1f0e94ef7baa9fae80494618cbd0bacc435a219e2c1eca40e156ce0af544df57c98e4fa27f
-
SSDEEP
768:AEwHupU99d2JE0jNJJ83+8zzqgTdVY9/sh/:AEwVs+0jNDY1qi/q0J
Malware Config
Targets
-
-
Target
a177a27023d435cd8caf075b22656406bf3e3ecef80fa5f8339e3cb804e392a0.exe
-
Size
29KB
-
MD5
5c99b380f17e389ee4a50b1b79a8c45f
-
SHA1
bc037b40c11d23623f9c42a33aa2a8b20a597310
-
SHA256
a177a27023d435cd8caf075b22656406bf3e3ecef80fa5f8339e3cb804e392a0
-
SHA512
4c0e4ae9ee9b2e7162f4ebe4d4416c134e6929b10c1d515fd3203a1f0e94ef7baa9fae80494618cbd0bacc435a219e2c1eca40e156ce0af544df57c98e4fa27f
-
SSDEEP
768:AEwHupU99d2JE0jNJJ83+8zzqgTdVY9/sh/:AEwVs+0jNDY1qi/q0J
Score10/10-
Detects MyDoom family
-
MyDoom
MyDoom is a Worm that is written in C++.
-
Mydoom family
-
Executes dropped EXE
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Adds Run key to start application
-
Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Defense Evasion
Modify Registry
2Subvert Trust Controls
1Install Root Certificate
1Credential Access
Credentials from Password Stores
1Credentials from Web Browsers
1Unsecured Credentials
1Credentials In Files
1