vobfus | 466944733011bbf013694b19f8b2e58d9258490f881d06c19779992cdcb87806 | Triage

Submit
Reports

Overview

overview

Static

static

4669447330...06.exe

windows7_x64

4669447330...06.exe

windows10-2004_x64

Sharing

General

Target

466944733011bbf013694b19f8b2e58d9258490f881d06c19779992cdcb87806
Size

224KB
Sample

220707-ksr8xshgam
MD5

b58dc47d5eb5c3479461701de1306edb
SHA1

370317662b669d494b1b32c6b4070293783dd35e
SHA256

466944733011bbf013694b19f8b2e58d9258490f881d06c19779992cdcb87806
SHA512

d97144839dc8f3e883f01b07f6f5dc1440d7e2a185c1ec1639e5ddaa13817d606d5c6ba70d6bd064dc1ca51cd713fb276b94fe54df005936f2a3435a96b9777f

Score

10^/10

vobfus persistence suricata worm

Static task

static1

Behavioral task

behavioral1

Sample

466944733011bbf013694b19f8b2e58d9258490f881d06c19779992cdcb87806.exe

Resource

win7-20220414-en

vobfus persistence suricata worm

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

466944733011bbf013694b19f8b2e58d9258490f881d06c19779992cdcb87806.exe

Resource

win10v2004-20220414-en

vobfus persistence suricata worm

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  466944733011bbf013694b19f8b2e58d9258490f881d06c19779992cdcb87806
- Size
  
  224KB
- MD5
  
  b58dc47d5eb5c3479461701de1306edb
- SHA1
  
  370317662b669d494b1b32c6b4070293783dd35e
- SHA256
  
  466944733011bbf013694b19f8b2e58d9258490f881d06c19779992cdcb87806
- SHA512
  
  d97144839dc8f3e883f01b07f6f5dc1440d7e2a185c1ec1639e5ddaa13817d606d5c6ba70d6bd064dc1ca51cd713fb276b94fe54df005936f2a3435a96b9777f
Score

10^/10

vobfus persistence suricata worm
- Vobfus
  A widespread worm which spreads via network drives and removable media.
  worm vobfus
- suricata: ET MALWARE BlackshadesRAT Reporting
  suricata: ET MALWARE BlackshadesRAT Reporting
  suricata
- Adds policy Run key to start application
  persistence
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

vobfuspersistencesuricataworm

behavioral2

vobfuspersistencesuricataworm

© 2018-2024

Terms | Privacy