MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 5b35f0e97e5fdc0a4ebf7936a92b93ad59d83b4babbfa127983ef56cf5698cea. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry



MyDoom


Vendor detections: 4



SHA256 hash: 5b35f0e97e5fdc0a4ebf7936a92b93ad59d83b4babbfa127983ef56cf5698cea
SHA3-384 hash: d1cebc8c45a76ee3530616f20e5ee583f6f75b74ce5a1f5c6d51d4ad1ba4254e32af4ab0f2fc8d8aaee0ac6ade55545f
SHA1 hash: 14166f5229cef542e762ca80175186f975160144
MD5 hash: 5197700694473c45de25aea5df487391
humanhash: magnesium-alanine-india-sierra
File name: 5b35f0e97e5fdc0a4ebf7936a92b93ad59d83b4babbfa127983ef56cf5698cea
Signature: MyDoom
File size: 22'036 bytes
First seen: 2020-11-07 19:30:05 UTC
Last seen: Never
File type: Executable exe
MIME type: application/x-dosexec
imphash: 5d02f6de12eb07fb22fe87e05e50d6a0 (131 x MyDoom)
ssdeep: 384:FZcpzCIqdG3A3WUkx38GZDJuJbf1+o44u8gZqzUWzrYBYD:SCIqdH/k1ZVcT194jpZv+cs
Threatray: 18 similar samples on MalwareBazaar
TLSH: 32A2C09637AAA8C5C19401764957EDB0386A7C347DFC832B3B50FBBFB635A1C1944126
Reporter: seifreed

Intelligence


File Origin
# of uploads: 1
# of downloads: 74
Origin country: n/a
Vendor Threat Intelligence
Result
Verdict: Malware
Maliciousness:

Behaviour
Creating a file in the Windows directory
Searching for the window
Delayed reading of the file
Creating a file in the %temp% directory
Connection attempt
Launching a process
Creating a window
Sending a UDP request
Enabling autorun with the standard Software\Microsoft\Windows\CurrentVersion\Run registry branch
Threat name: Win32.Worm.Mydoom
Status: Malicious
First seen: 2020-11-07 19:39:08 UTC
AV detection: 28 of 29 (96.55%)
Threat level: 5/5
Result
Malware family: n/a
Score: 8/10
Tags: persistence
Behaviour
Drops file in Program Files directory
Drops file in Windows directory
Adds Run key to start application
Please note that we are no longer able to provide a coverage score for Virus Total.

File information


The table below shows additional information about this malware sample such as delivery method and external references.

  
Delivery method: Other
