vobfus | 145fc092e1a0c3c04ca789a93ac71128ecf59bee9cce4c7e22456b5749f3b488 | Triage

Sharing

General

Target

145fc092e1a0c3c04ca789a93ac71128ecf59bee9cce4c7e22456b5749f3b488
Size

317KB
Sample

210513-vz9bk4kyce
MD5

baad508f44f694e78ffa8156acfb4003
SHA1

87e40bb425bf4f6552228964138c01b22176c6ee
SHA256

145fc092e1a0c3c04ca789a93ac71128ecf59bee9cce4c7e22456b5749f3b488
SHA512

08414a58478b18496cfc6f7427ee63af8ceaabebc982436e1668d22ea73e689a31a589d1a97f936bb66bdeaa4c91da2b747fe7275043dde25cb717653d3ee508

Score

10^/10

vobfus persistence worm

Malware Config

Targets

- Target
  
  145fc092e1a0c3c04ca789a93ac71128ecf59bee9cce4c7e22456b5749f3b488
- Size
  
  317KB
- MD5
  
  baad508f44f694e78ffa8156acfb4003
- SHA1
  
  87e40bb425bf4f6552228964138c01b22176c6ee
- SHA256
  
  145fc092e1a0c3c04ca789a93ac71128ecf59bee9cce4c7e22456b5749f3b488
- SHA512
  
  08414a58478b18496cfc6f7427ee63af8ceaabebc982436e1668d22ea73e689a31a589d1a97f936bb66bdeaa4c91da2b747fe7275043dde25cb717653d3ee508
Score

10^/10

vobfus persistence worm
- Vobfus
  A widespread worm which spreads via network drives and removable media.
  worm vobfus
- Adds policy Run key to start application
  persistence
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

vobfuspersistenceworm

behavioral2