vobfus | 2acc3cd85919a10811667e47eddb3556e88b84ea1dcbe998e504a3c74e74c2fd | Triage

Submit
Reports

Overview

overview

Static

static

2acc3cd859...fd.exe

windows7_x64

2acc3cd859...fd.exe

windows10-2004_x64

Sharing

General

Target

2acc3cd85919a10811667e47eddb3556e88b84ea1dcbe998e504a3c74e74c2fd
Size

224KB
Sample

220615-ey7mxacgak
MD5

a533827a1afdaa39eeabf6d2fc70ab60
SHA1

4836be47715f5b0978bba899de0e225f1e2aafbc
SHA256

2acc3cd85919a10811667e47eddb3556e88b84ea1dcbe998e504a3c74e74c2fd
SHA512

145a0a2c2cd99760b9ffd4665f3bacba8069bd6fcc8a27850ea3c0ba8798a611d69cb97a7cb54725cce5f124aa1d42c01e9e7d3681c593f1fa7021a3f4973e04

Score

10^/10

vobfus persistence suricata worm

Static task

static1

Behavioral task

behavioral1

Sample

2acc3cd85919a10811667e47eddb3556e88b84ea1dcbe998e504a3c74e74c2fd.exe

Resource

win7-20220414-en

vobfus persistence suricata worm

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

2acc3cd85919a10811667e47eddb3556e88b84ea1dcbe998e504a3c74e74c2fd.exe

Resource

win10v2004-20220414-en

vobfus persistence suricata worm

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  2acc3cd85919a10811667e47eddb3556e88b84ea1dcbe998e504a3c74e74c2fd
- Size
  
  224KB
- MD5
  
  a533827a1afdaa39eeabf6d2fc70ab60
- SHA1
  
  4836be47715f5b0978bba899de0e225f1e2aafbc
- SHA256
  
  2acc3cd85919a10811667e47eddb3556e88b84ea1dcbe998e504a3c74e74c2fd
- SHA512
  
  145a0a2c2cd99760b9ffd4665f3bacba8069bd6fcc8a27850ea3c0ba8798a611d69cb97a7cb54725cce5f124aa1d42c01e9e7d3681c593f1fa7021a3f4973e04
Score

10^/10

vobfus persistence suricata worm
- Vobfus
  A widespread worm which spreads via network drives and removable media.
  worm vobfus
- suricata: ET MALWARE BlackshadesRAT Reporting
  suricata: ET MALWARE BlackshadesRAT Reporting
  suricata
- Adds policy Run key to start application
  persistence
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

vobfuspersistencesuricataworm

behavioral2

vobfuspersistencesuricataworm

© 2018-2024

Terms | Privacy