vobfus | ee266ee99f39d6f646086d51e30ef757542b5bd60a4625cb023f964a3bf4368f | Triage

Submit
Reports

Overview

overview

Static

static

8

ee266ee99f...8f.exe

windows7_x64

ee266ee99f...8f.exe

windows10_x64

8

Sharing

General

Target

ee266ee99f39d6f646086d51e30ef757542b5bd60a4625cb023f964a3bf4368f
Size

221KB
Sample

210513-dv3qkwhnwn
MD5

1e0c23020c0884d1d8a68c1f73fdb16f
SHA1

f66460b056611dce52cc404fa3e96bbc856b2551
SHA256

ee266ee99f39d6f646086d51e30ef757542b5bd60a4625cb023f964a3bf4368f
SHA512

d7c976e1b0d29c3bbc5289bc647df34dd0e3b09e5262ddac30df1b310a6bc278253f47df0a0760092f777d8b4bb497eae2e5b182ee70323df70b95d318bd17f4

Score

10^/10

vobfus persistence upx worm

Static task

static1

Behavioral task

behavioral1

Sample

ee266ee99f39d6f646086d51e30ef757542b5bd60a4625cb023f964a3bf4368f.exe

Resource

win7v20210410

vobfus persistence worm

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

ee266ee99f39d6f646086d51e30ef757542b5bd60a4625cb023f964a3bf4368f.exe

Resource

win10v20210408

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  ee266ee99f39d6f646086d51e30ef757542b5bd60a4625cb023f964a3bf4368f
- Size
  
  221KB
- MD5
  
  1e0c23020c0884d1d8a68c1f73fdb16f
- SHA1
  
  f66460b056611dce52cc404fa3e96bbc856b2551
- SHA256
  
  ee266ee99f39d6f646086d51e30ef757542b5bd60a4625cb023f964a3bf4368f
- SHA512
  
  d7c976e1b0d29c3bbc5289bc647df34dd0e3b09e5262ddac30df1b310a6bc278253f47df0a0760092f777d8b4bb497eae2e5b182ee70323df70b95d318bd17f4
Score

10^/10

vobfus persistence worm
- Vobfus
  A widespread worm which spreads via network drives and removable media.
  worm vobfus
- Adds policy Run key to start application
  persistence
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

vobfuspersistenceworm

behavioral2

© 2018-2024

Terms | Privacy