Overview

overview

10

Static

static

80bf9d5aef...38.exe

windows7_x64

10

80bf9d5aef...38.exe

windows10-2004_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    80bf9d5aef7ef6f305830c353e93caa81ed39eb7e897a3f6cdcc8099477e5d38

  • Size

    200KB

  • Sample

    220326-3x7taafbcr

  • MD5

    06aa0405e4b2f78ef3e7fa4e457cb732

  • SHA1

    dfb7ed0d100fc9ac419b36fc56ef74eff2c7b8aa

  • SHA256

    80bf9d5aef7ef6f305830c353e93caa81ed39eb7e897a3f6cdcc8099477e5d38

  • SHA512

    b0f3f948eaa75c0e84acbccd51c65809ce040193f9ce53a5cd1992479f0178269da4272a470b5211dede35aa8f8868f5ac829576f2da169ecaa26a3803e6b307

Score
10/10
vobfuspersistencesuricataworm

Malware Config

Targets

    • Target

      80bf9d5aef7ef6f305830c353e93caa81ed39eb7e897a3f6cdcc8099477e5d38

    • Size

      200KB

    • MD5

      06aa0405e4b2f78ef3e7fa4e457cb732

    • SHA1

      dfb7ed0d100fc9ac419b36fc56ef74eff2c7b8aa

    • SHA256

      80bf9d5aef7ef6f305830c353e93caa81ed39eb7e897a3f6cdcc8099477e5d38

    • SHA512

      b0f3f948eaa75c0e84acbccd51c65809ce040193f9ce53a5cd1992479f0178269da4272a470b5211dede35aa8f8868f5ac829576f2da169ecaa26a3803e6b307

    Score
    10/10
    vobfuspersistencesuricataworm

    • Vobfus

      A widespread worm which spreads via network drives and removable media.

      wormvobfus

    • suricata: ET MALWARE BlackshadesRAT Reporting

      suricata: ET MALWARE BlackshadesRAT Reporting

      suricata

    • Adds policy Run key to start application

      persistence

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks