mydoom | 0068c64392a9a39ef837cf6ebcae5e57e56caf3edff4796cea900532e74b72be[.]zip

General

Target

0068c64392a9a39ef837cf6ebcae5e57e56caf3edff4796cea900532e74b72be.zip
Size

25KB
MD5

6aea1d8b4d79bfc9dcf2117a70550418
SHA1

e00935cd997f6a1af2a8ca76fae7d49413bf25d1
SHA256

0068c64392a9a39ef837cf6ebcae5e57e56caf3edff4796cea900532e74b72be
SHA512

db1683ca96270000f7aade833fb033fdb77e5e19520e400bbcd4a569710e45899e87d0c3cb166a19ef7bae556d29435c19d6895ff941fb0111d9a75893a7a3ad
SSDEEP

384:ZlzFlWgbar7QDvwQEbS8X2KqVpuenh8pcgN8+tmftpS2M9ZAzxrO4qgGU1Wx:ZFXar7QD4vVX2XVAeWDN8b1pwPA5OpUa

Score

10^/10

mydoom

Detects MyDoom family 1 IoCs

resource	yara_rule
static1/unpack001/Email-Worm.MyDoom.M.exe	family_mydoom

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Email-Worm.MyDoom.M.exe

0068c64392a9a39ef837cf6ebcae5e57e56caf3edff4796cea900532e74b72be.zip
.zip

Password: infected
Email-Worm.MyDoom.M.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ