Resubmissions

12-01-2025 20:27

250112-y8qlxsxqgv 10

12-01-2025 20:17

250112-y2sgyaznep 8

12-01-2025 20:07

250112-ywfwysxlft 10

12-01-2025 19:55

250112-yngtaawrdt 10

General

  • Target

    99compress.py

  • Size

    2KB

  • Sample

    250112-ywfwysxlft

  • MD5

    87ce3a21c9af0b3c2271e5ebe8f70658

  • SHA1

    f299f35fc0693a9d196f53d0e7b60e94f6cc22ac

  • SHA256

    fd08c82277d56982a16196dfa852ebbbfdd67752619274a6ddb4ad4b123f5ba3

  • SHA512

    be03c98744791881f23db47d4cf9397a2c9cb0712344f1357f7cf1f67b95574b7c270a54c66074d78ffd092d984ec7ad57661e02c16578116339cf1edf08f7f7

Malware Config

Targets

    • Target

      99compress.py

    • Size

      2KB

    • MD5

      87ce3a21c9af0b3c2271e5ebe8f70658

    • SHA1

      f299f35fc0693a9d196f53d0e7b60e94f6cc22ac

    • SHA256

      fd08c82277d56982a16196dfa852ebbbfdd67752619274a6ddb4ad4b123f5ba3

    • SHA512

      be03c98744791881f23db47d4cf9397a2c9cb0712344f1357f7cf1f67b95574b7c270a54c66074d78ffd092d984ec7ad57661e02c16578116339cf1edf08f7f7

    • Detects MyDoom family

    • MyDoom

      MyDoom is a worm written in C++.

    • Mydoom family

    • ACProtect 1.3x - 1.4x DLL software

      Detects a file protected with ACProtect software.

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Modifies system executable filetype association

    • Adds Run key to start application

    • Drops file in System32 directory

    • UPX packed file

      Detects executables packed with UPX or a modified build of the UPX open-source packer.

MITRE ATT&CK Enterprise v15

Tasks