vobfus | 122cd303b358e49f5b945e54da84d57c9df9cd2255ac604e5e8fa69c76278de1 | Triage

Sharing

General

Target

122cd303b358e49f5b945e54da84d57c9df9cd2255ac604e5e8fa69c76278de1
Size

1.9MB
Sample

210516-vsfdlf2n1s
MD5

003acf196868feddf108ab0b2685db2c
SHA1

20cd7e17d7a02de5ff4ccbae1267bfb831ccdbb3
SHA256

122cd303b358e49f5b945e54da84d57c9df9cd2255ac604e5e8fa69c76278de1
SHA512

180986d74acda3ed043e7955f3e19102f9145cacc52783ed20aa642076f19bed5e7f3cb7b2910ee954555a7474d321e79cfc7df6e6e97cf9072d524717201ba1

Score

10^/10

vobfus persistence worm

Malware Config

Targets

- Target
  
  122cd303b358e49f5b945e54da84d57c9df9cd2255ac604e5e8fa69c76278de1
- Size
  
  1.9MB
- MD5
  
  003acf196868feddf108ab0b2685db2c
- SHA1
  
  20cd7e17d7a02de5ff4ccbae1267bfb831ccdbb3
- SHA256
  
  122cd303b358e49f5b945e54da84d57c9df9cd2255ac604e5e8fa69c76278de1
- SHA512
  
  180986d74acda3ed043e7955f3e19102f9145cacc52783ed20aa642076f19bed5e7f3cb7b2910ee954555a7474d321e79cfc7df6e6e97cf9072d524717201ba1
Score

10^/10

persistence vobfus worm
- Vobfus
  A widespread worm which spreads via network drives and removable media.
  worm vobfus
- Adds policy Run key to start application
  persistence
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2

vobfuspersistenceworm