vobfus | 5a7c7d4aefde510ebfd20510ba348e2d245fce3f0389ec0674bedd48651c63fd | Triage

Sharing

General

Target

5a7c7d4aefde510ebfd20510ba348e2d245fce3f0389ec0674bedd48651c63fd
Size

1.9MB
Sample

210515-xx23ybfqg2
MD5

b930769d626ea1c87b8241dcc01bcd24
SHA1

c39ad8242b790a0f648345b32a6e563a8662817a
SHA256

5a7c7d4aefde510ebfd20510ba348e2d245fce3f0389ec0674bedd48651c63fd
SHA512

48e91ba1c427d8772e78b013b3afe9125182cf16496894a38d8a35a2a8683b80de68a84b581bf707c04277a55f7eea0b6fc27ba3d3c803163f91c17a252b3f6b

Score

10^/10

vobfus persistence worm

Malware Config

Targets

- Target
  
  5a7c7d4aefde510ebfd20510ba348e2d245fce3f0389ec0674bedd48651c63fd
- Size
  
  1.9MB
- MD5
  
  b930769d626ea1c87b8241dcc01bcd24
- SHA1
  
  c39ad8242b790a0f648345b32a6e563a8662817a
- SHA256
  
  5a7c7d4aefde510ebfd20510ba348e2d245fce3f0389ec0674bedd48651c63fd
- SHA512
  
  48e91ba1c427d8772e78b013b3afe9125182cf16496894a38d8a35a2a8683b80de68a84b581bf707c04277a55f7eea0b6fc27ba3d3c803163f91c17a252b3f6b
Score

10^/10

vobfus persistence worm
- Vobfus
  A widespread worm which spreads via network drives and removable media.
  worm vobfus
- Adds policy Run key to start application
  persistence
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

vobfuspersistenceworm

behavioral2