vobfus | a5362ecb500d572fd7c96345c4770aeee08d468c761ec21db4a4da44464636d0 | Triage

Sharing

General

Target

a5362ecb500d572fd7c96345c4770aeee08d468c761ec21db4a4da44464636d0
Size

261KB
Sample

210518-m92qhl6gf2
MD5

b10acfc0d52e9839030a844ac8e019b8
SHA1

dbfe9064409d8e20abd26d2c3182bbd37f1ce9ec
SHA256

a5362ecb500d572fd7c96345c4770aeee08d468c761ec21db4a4da44464636d0
SHA512

c593ccd4ddc49003e6b821b319aaccabe6b8cf012ddfa486c07da86cbac55d1084de70a7e9a93949edf2f7915c4a9a70ff9c6ea2dc445fd772f32d7663d1e25d

Score

10^/10

vobfus persistence worm

Malware Config

Targets

- Target
  
  a5362ecb500d572fd7c96345c4770aeee08d468c761ec21db4a4da44464636d0
- Size
  
  261KB
- MD5
  
  b10acfc0d52e9839030a844ac8e019b8
- SHA1
  
  dbfe9064409d8e20abd26d2c3182bbd37f1ce9ec
- SHA256
  
  a5362ecb500d572fd7c96345c4770aeee08d468c761ec21db4a4da44464636d0
- SHA512
  
  c593ccd4ddc49003e6b821b319aaccabe6b8cf012ddfa486c07da86cbac55d1084de70a7e9a93949edf2f7915c4a9a70ff9c6ea2dc445fd772f32d7663d1e25d
Score

10^/10

vobfus persistence worm
- Vobfus
  A widespread worm which spreads via network drives and removable media.
  worm vobfus
- Adds policy Run key to start application
  persistence
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

vobfuspersistenceworm

behavioral2