Analysis of MyDoom.A

Discussed in this paper are several types of analysis done with MyDoom.A. The analysis consisted of three parts: static, dynamic, and code analysis. For static analysis, a live copy of the MyDoom.A virus was taken. From there, hash values were checked and the executable was analyzed using hex editors. In dynamic analysis, MyDoom.A was ran in a virtual environment. From this, accessed files and generated processes were observed. For code analysis, the source code of myDoom.A was analyzed and several key functions used to initiate MyDoom.A's attacks were recorded. This project is a demonstration of the skills and techniques that were acquired in studying malware analysis.