Win32/Mydoom.F information

Win32/Mydoom.F is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Win32/Mydoom.F virus do?

  • Sample contains Overlay data
  • The binary contains an unknown PE section name indicative of packing
  • The binary likely contains encrypted or compressed data.
  • The executable is compressed using UPX
  • Authenticode signature is invalid
  • Yara rule detections observed from a process memory dump/dropped files/CAPE

How to identify Win32/Mydoom.F?


File Info:

name: 952EB961BBFED30D280E.mlw
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 1970-01-01 00:00:00

Version Info:

0: [No Data]

Win32/Mydoom.F also known as:

Bkav: W32.AIDetectMalware
Lionic: Trojan.Win32.Cosmu.kZJ8
Elastic: Windows.Generic.Threat
MicroWorld-eScan: Dropped:Win32.Mydoom.3.Gen@mm
Skyhigh: BehavesLike.Win32.Mydoom.qh
ALYac: Dropped:Win32.Mydoom.3.Gen@mm
Cylance: unsafe
Sangfor: Suspicious.Win32.Save.a
CrowdStrike: win/malicious_confidence_100% (W)
Alibaba: Worm:Win32/Mydoom.fde1
K7GW: Trojan ( 005a17331 )
K7AntiVirus: Trojan ( 004bcce41 )
BitDefenderTheta: AI:Packer.2B115CCA1F
VirIT: Worm.Win32.Mydoom.F
Symantec: W32.Mydoom.F@mm
tehtris: Generic.Malware
ESET-NOD32: Win32/Mydoom.F
Cynet: Malicious (score: 100)
APEX: Malicious
ClamAV: Win.Worm.Mydoom-68
Kaspersky: Email-Worm.Win32.Mydoom.e
BitDefender: Dropped:Win32.Mydoom.3.Gen@mm
NANO-Antivirus: Trojan.Win32.Mydoom.dsipmr
SUPERAntiSpyware: Trojan.Agent/Gen-Cryptic
Avast: Win32:Agent-CNC [Trj]
Tencent: Email-Worm.Win32.Mydoom.pa
Sophos: W32/Mydoom-F
Baidu: Win32.Worm.Mydoom.b
F-Secure: Trojan.TR/Crypt.ULPM.Gen
DrWeb: Win32.HLLM.MyDoom.based
VIPRE: Dropped:Win32.Mydoom.3.Gen@mm
TrendMicro: WORM_MYDOOM.GEN
Emsisoft: Dropped:Win32.Mydoom.3.Gen@mm (B)
Ikarus: Trojan-Spy.Win32.Agent
Jiangmin: I-Worm/Mydoom.e
Avira: TR/Crypt.ULPM.Gen
Antiy-AVL: Worm[Email]/Win32.Mydoom
Kingsoft: malware.kb.b.987
Microsoft: Worm:Win32/Mydoom.DM@mm
Xcitium: Packed.Win32.MUPX.Gen@24tbus
Arcabit: Win32.Mydoom.3.E96F19
ZoneAlarm: Email-Worm.Win32.Mydoom.e
GData: Win32.Trojan.PSE.D7O2F1
Varist: W32/Mydoom.DBCN-3337
AhnLab-V3: Worm/Win32.MyDoom.R16923
Acronis: suspicious
McAfee: W32/Mydoom.c.gen@MM
VBA32: Win32.HLLW.Mydoom.e
Malwarebytes: Generic.Malware.AI.DDS
Panda: W32/Mydoom.gen.worm
Zoner: Worm.Win32.Mydoom.3713
TrendMicro-HouseCall: WORM_MYDOOM.GEN
Rising: Worm.Mydoom!1.A15C (CLASSIC)
Yandex: Trojan.GenAsa!VxlTj7xkAHo
SentinelOne: Static AI – Malicious PE
MaxSecure: Worm.W32.Mydoom.E
Fortinet: W32/MyDoom.K!tr
AVG: Win32:Agent-CNC [Trj]
Cybereason: malicious.ec6d6f
DeepInstinct: MALICIOUS

How to remove Win32/Mydoom.F?

Win32/Mydoom.F removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
