vobfus | d50bdb589d3b70b202471a951633119d7142298586d1948a9f4fe929832cd956 | Triage

Submit
Reports

Overview

overview

Static

static

d50bdb589d...56.exe

windows7-x64

d50bdb589d...56.exe

windows10-2004-x64

Sharing

General

Target

d50bdb589d3b70b202471a951633119d7142298586d1948a9f4fe929832cd956
Size

224KB
Sample

220717-b4tfpaahb9
MD5

52d99165708ed0d1e0dfdedf374d8035
SHA1

c33fd11cfaa2fa8053947385375d75f9e0905095
SHA256

d50bdb589d3b70b202471a951633119d7142298586d1948a9f4fe929832cd956
SHA512

a1327bca9bcebcb4c9a1df823fbc5ee2bea53539c50f1b0bda1e4260e6f4e37a4b6e91f503f1808ebab3c6d5282ead5a04c349af610e475a9d1e20940059a4f3

Score

10^/10

vobfus persistence suricata worm

Static task

static1

Behavioral task

behavioral1

Sample

d50bdb589d3b70b202471a951633119d7142298586d1948a9f4fe929832cd956.exe

Resource

win7-20220414-en

vobfus persistence suricata worm

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

d50bdb589d3b70b202471a951633119d7142298586d1948a9f4fe929832cd956.exe

Resource

win10v2004-20220414-en

vobfus persistence suricata worm

windows10-2004-x64

8 signatures

150 seconds

Malware Config

Targets

- Target
  
  d50bdb589d3b70b202471a951633119d7142298586d1948a9f4fe929832cd956
- Size
  
  224KB
- MD5
  
  52d99165708ed0d1e0dfdedf374d8035
- SHA1
  
  c33fd11cfaa2fa8053947385375d75f9e0905095
- SHA256
  
  d50bdb589d3b70b202471a951633119d7142298586d1948a9f4fe929832cd956
- SHA512
  
  a1327bca9bcebcb4c9a1df823fbc5ee2bea53539c50f1b0bda1e4260e6f4e37a4b6e91f503f1808ebab3c6d5282ead5a04c349af610e475a9d1e20940059a4f3
Score

10^/10

vobfus persistence suricata worm
- Vobfus
  A widespread worm which spreads via network drives and removable media.
  worm vobfus
- suricata: ET MALWARE BlackshadesRAT Reporting
  suricata: ET MALWARE BlackshadesRAT Reporting
  suricata
- Adds policy Run key to start application
  persistence
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

vobfuspersistencesuricataworm

behavioral2

vobfuspersistencesuricataworm

© 2018-2024

Terms | Privacy