vobfus | 1f19db2af670edcb9c54611c1eb3feb76d6e7ec232baed6f1be9c81256b95121 | Triage

Sharing

General

Target

1f19db2af670edcb9c54611c1eb3feb76d6e7ec232baed6f1be9c81256b95121
Size

1.9MB
Sample

220326-a5es9aecc6
MD5

027e4c8e6f3ef081179c9249284703e9
SHA1

83055a677d83dde602f0896ee1a5d97f71197377
SHA256

1f19db2af670edcb9c54611c1eb3feb76d6e7ec232baed6f1be9c81256b95121
SHA512

085008fde112cdf6b50e6d852a0b0e0dbaddd1de640f8d1f882d6c3f019be9df03dea670685b5411f7f92c7ef62ffe486b51d7c69f83217323f0f0044f75cba4

Score

10^/10

vobfus persistence worm

Malware Config

Targets

- Target
  
  1f19db2af670edcb9c54611c1eb3feb76d6e7ec232baed6f1be9c81256b95121
- Size
  
  1.9MB
- MD5
  
  027e4c8e6f3ef081179c9249284703e9
- SHA1
  
  83055a677d83dde602f0896ee1a5d97f71197377
- SHA256
  
  1f19db2af670edcb9c54611c1eb3feb76d6e7ec232baed6f1be9c81256b95121
- SHA512
  
  085008fde112cdf6b50e6d852a0b0e0dbaddd1de640f8d1f882d6c3f019be9df03dea670685b5411f7f92c7ef62ffe486b51d7c69f83217323f0f0044f75cba4
Score

10^/10

vobfus persistence worm
- Vobfus
  A widespread worm which spreads via network drives and removable media.
  worm vobfus
- Adds policy Run key to start application
  persistence
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

vobfuspersistenceworm

behavioral2

vobfuspersistenceworm