vobfus | 7fa534d89c4dc5be14d86875fc3e9fbb252851c626fb876d93a19130f8769dd0 | Triage

Sharing

General

Target

7fa534d89c4dc5be14d86875fc3e9fbb252851c626fb876d93a19130f8769dd0
Size

446KB
Sample

210513-avb1n29ra6
MD5

ba55c1c7be53b1209813af4884bcebe2
SHA1

242e5d706b7aa58a9eddd88b79b84b150b512d3a
SHA256

7fa534d89c4dc5be14d86875fc3e9fbb252851c626fb876d93a19130f8769dd0
SHA512

3f03799af5c32ff9a6d4f63b71cf2c5b99b7be90e5644172da37c58ea68bc9e47c4d2159176318621841132d564b9c9db03fd27d17bc79400acd3b79ba1268f5

Score

10^/10

vobfus persistence worm

Malware Config

Targets

- Target
  
  7fa534d89c4dc5be14d86875fc3e9fbb252851c626fb876d93a19130f8769dd0
- Size
  
  446KB
- MD5
  
  ba55c1c7be53b1209813af4884bcebe2
- SHA1
  
  242e5d706b7aa58a9eddd88b79b84b150b512d3a
- SHA256
  
  7fa534d89c4dc5be14d86875fc3e9fbb252851c626fb876d93a19130f8769dd0
- SHA512
  
  3f03799af5c32ff9a6d4f63b71cf2c5b99b7be90e5644172da37c58ea68bc9e47c4d2159176318621841132d564b9c9db03fd27d17bc79400acd3b79ba1268f5
Score

10^/10

vobfus persistence worm
- Vobfus
  A widespread worm which spreads via network drives and removable media.
  worm vobfus
- Adds policy Run key to start application
  persistence
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

vobfuspersistenceworm

behavioral2