vobfus | 2a1f3833aa8a1391271aed03c08dc01d51ca51c975bef0d5d132014f5386a051 | Triage

Submit
Reports

Overview

overview

Static

static

2a1f3833aa...51.exe

windows7_x64

2a1f3833aa...51.exe

windows10-2004_x64

Sharing

General

Target

2a1f3833aa8a1391271aed03c08dc01d51ca51c975bef0d5d132014f5386a051
Size

228KB
Sample

220615-hlan7aebd5
MD5

de79bbdceadbae51ce200ea17698bed3
SHA1

78fcefe2cad478a72154f6fe777bc84ea56ff8ec
SHA256

2a1f3833aa8a1391271aed03c08dc01d51ca51c975bef0d5d132014f5386a051
SHA512

9f0c08cf3e593fb6b70c2945dbd86642482dd188af8c11e0ee07f0ca64f3ff4d89464c6a6b6af52897d43a219385337b5f68b4c04f1ce1d30293f5f016a83928

Score

10^/10

vobfus persistence suricata worm

Static task

static1

Behavioral task

behavioral1

Sample

2a1f3833aa8a1391271aed03c08dc01d51ca51c975bef0d5d132014f5386a051.exe

Resource

win7-20220414-en

vobfus persistence suricata worm

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

2a1f3833aa8a1391271aed03c08dc01d51ca51c975bef0d5d132014f5386a051.exe

Resource

win10v2004-20220414-en

vobfus persistence suricata worm

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  2a1f3833aa8a1391271aed03c08dc01d51ca51c975bef0d5d132014f5386a051
- Size
  
  228KB
- MD5
  
  de79bbdceadbae51ce200ea17698bed3
- SHA1
  
  78fcefe2cad478a72154f6fe777bc84ea56ff8ec
- SHA256
  
  2a1f3833aa8a1391271aed03c08dc01d51ca51c975bef0d5d132014f5386a051
- SHA512
  
  9f0c08cf3e593fb6b70c2945dbd86642482dd188af8c11e0ee07f0ca64f3ff4d89464c6a6b6af52897d43a219385337b5f68b4c04f1ce1d30293f5f016a83928
Score

10^/10

vobfus persistence suricata worm
- Vobfus
  A widespread worm which spreads via network drives and removable media.
  worm vobfus
- suricata: ET MALWARE BlackshadesRAT Reporting
  suricata: ET MALWARE BlackshadesRAT Reporting
  suricata
- Adds policy Run key to start application
  persistence
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

vobfuspersistencesuricataworm

behavioral2

vobfuspersistencesuricataworm

© 2018-2024

Terms | Privacy