Overview

overview

10

Static

static

7

bcaa57298f...ad.exe

windows7-x64

10

bcaa57298f...ad.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    abf90f6260759e71bd11e41af4ddc7bdb97a23b06abc5daf55b17fcdc2e8a0cc

  • Size

    1.9MB

  • Sample

    240901-3w6jtswela

  • MD5

    4af137c9265bb7f30390fe5829a6e147

  • SHA1

    39c36c2b5a9d1691c72a8c159952124a11259007

  • SHA256

    abf90f6260759e71bd11e41af4ddc7bdb97a23b06abc5daf55b17fcdc2e8a0cc

  • SHA512

    fa61fb1237ab4f70955440c871fe7608163d0e96828ea94e969935eb63165acc141ae9b9c51fc9d75c390b13770cb1b5ee214d488f9614c364b2877e69a85b93

  • SSDEEP

    49152:uxoLXoJlps8vDzup/jF4K/I41oOiaCZlvESs+Pz6i9PO:o8oJ1uprF4Kt1jwlpJhPO

Score
10/10
vobfusdiscoverypersistenceupxworm

Malware Config

Targets

    • Target

      bcaa57298f0b6810f42df07dca8c896cb8de1102f7357e701f47b0daae6670ad

    • Size

      4.3MB

    • MD5

      343181e3037a1163bada143d412416f9

    • SHA1

      308eb01f0ccd0c6b58208990338ce812c47b9541

    • SHA256

      bcaa57298f0b6810f42df07dca8c896cb8de1102f7357e701f47b0daae6670ad

    • SHA512

      f5dba363693533550a5e0b52ec3bfa8a3d2229ab81ec8c8a358c8be3315b84e65754f02f0e43caeb86743b11133d52e6f6aad4756799c8e2318b4db78b26f86a

    • SSDEEP

      98304:Vbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb6:8

    Score
    10/10
    vobfusdiscoverypersistenceupxworm

    • Vobfus

      A widespread worm which spreads via network drives and removable media.

      wormvobfus

    • Adds policy Run key to start application

      persistence

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks