vobfus | e51d3176c31c1c695542b23cb34f30a2f538af8ea760818bbadbb3fbe2ff627a | Triage

Sharing

General

Target

e51d3176c31c1c695542b23cb34f30a2f538af8ea760818bbadbb3fbe2ff627a
Size

1.9MB
Sample

210513-wyn6mtl7zx
MD5

ab1fd5d5b1d766c1fadbbc38a9f51aac
SHA1

3bda84b42dd9dc5832ba48cbdf7e1c870050f911
SHA256

e51d3176c31c1c695542b23cb34f30a2f538af8ea760818bbadbb3fbe2ff627a
SHA512

91e05ba4e9d2b39f7c2eb7fd2ad1b7943a8451204b58d0ee69d0bbaaded3d3e6b0e952d10a0cc978273c097d972c50f31f8bf9f80b3021cf46cb5c5b2454be06

Score

10^/10

vobfus persistence worm

Malware Config

Targets

- Target
  
  e51d3176c31c1c695542b23cb34f30a2f538af8ea760818bbadbb3fbe2ff627a
- Size
  
  1.9MB
- MD5
  
  ab1fd5d5b1d766c1fadbbc38a9f51aac
- SHA1
  
  3bda84b42dd9dc5832ba48cbdf7e1c870050f911
- SHA256
  
  e51d3176c31c1c695542b23cb34f30a2f538af8ea760818bbadbb3fbe2ff627a
- SHA512
  
  91e05ba4e9d2b39f7c2eb7fd2ad1b7943a8451204b58d0ee69d0bbaaded3d3e6b0e952d10a0cc978273c097d972c50f31f8bf9f80b3021cf46cb5c5b2454be06
Score

10^/10

persistence vobfus worm
- Vobfus
  A widespread worm which spreads via network drives and removable media.
  worm vobfus
- Adds policy Run key to start application
  persistence
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2

vobfuspersistenceworm