vobfus | f79311135bbfae51695016a9080c4dc076eeb28eeaaeaf17ac49ac13ee850d16 | Triage

Sharing

General

Target

f79311135bbfae51695016a9080c4dc076eeb28eeaaeaf17ac49ac13ee850d16
Size

1.4MB
Sample

210515-5hbwhxzvqe
MD5

bac84c3f28352f8fe46aebfff76b0a4c
SHA1

0a317002bce511aae2d337c43bf9e2c830950ed1
SHA256

f79311135bbfae51695016a9080c4dc076eeb28eeaaeaf17ac49ac13ee850d16
SHA512

3b4916f7ac9bb7a0fed88f5c6ebbe540ee3797a7242ba3d0bcb0e88a68c4ee65332404c5adfdba070a6f8376c8f09407318dd4b6a62068ee12889fcc60e63197

Score

10^/10

vobfus persistence worm

Malware Config

Targets

- Target
  
  f79311135bbfae51695016a9080c4dc076eeb28eeaaeaf17ac49ac13ee850d16
- Size
  
  1.4MB
- MD5
  
  bac84c3f28352f8fe46aebfff76b0a4c
- SHA1
  
  0a317002bce511aae2d337c43bf9e2c830950ed1
- SHA256
  
  f79311135bbfae51695016a9080c4dc076eeb28eeaaeaf17ac49ac13ee850d16
- SHA512
  
  3b4916f7ac9bb7a0fed88f5c6ebbe540ee3797a7242ba3d0bcb0e88a68c4ee65332404c5adfdba070a6f8376c8f09407318dd4b6a62068ee12889fcc60e63197
Score

10^/10

vobfus persistence worm
- Vobfus
  A widespread worm which spreads via network drives and removable media.
  worm vobfus
- Adds policy Run key to start application
  persistence
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

vobfuspersistenceworm

behavioral2

vobfuspersistenceworm