mydoom | f03d197752bb20c041b5bc91154d4258a43e7342564c6d52993d1a5d5c6ea703[.]zip

General

Target

f03d197752bb20c041b5bc91154d4258a43e7342564c6d52993d1a5d5c6ea703.zip
Size

52KB
MD5

138b1e1cfb6bba0af33214a4bbf86423
SHA1

441c8465cbb8291a511f8a722bd81b70126f08b6
SHA256

f03d197752bb20c041b5bc91154d4258a43e7342564c6d52993d1a5d5c6ea703
SHA512

8e3e2e04a25bca69e89515bb89724e78fc0d19ffd08a2b3b33ee804aa9d0288f9ae26fba436a9215be0cb92572adde654d7eb279f0ef78c14f7852e67b128ee9
SSDEEP

1536:1JJrCjAsH0GRTOXyRKu46LioXqRiEEwA+:lCA75yRPLiEqiE/A+

Score

10^/10

mydoom

Detects MyDoom family 1 IoCs

resource	yara_rule
static1/unpack001/Email-Worm.MyDoom.Q.exe	family_mydoom

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Email-Worm.MyDoom.Q.exe

f03d197752bb20c041b5bc91154d4258a43e7342564c6d52993d1a5d5c6ea703.zip
.zip

Password: infected
Email-Worm.MyDoom.Q.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 30KB - Virtual size: 30KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ