vobfus | 5e2395dce1bb61098d55c6df2541071ca8f8c825b5aa9ce3b8afabcdeff4c504 | Triage

Submit
Reports

Overview

overview

Static

static

3

e4f8cb43ff...18.exe

windows7-x64

e4f8cb43ff...18.exe

windows10-2004-x64

Sharing

General

Target

e4f8cb43ff3a4e35b502d584fc924cb0_JaffaCakes118
Size

176KB
Sample

240916-rvsqsssflm
MD5

e4f8cb43ff3a4e35b502d584fc924cb0
SHA1

e8593ba21adb977971d66066e600e3633a7a1bd4
SHA256

5e2395dce1bb61098d55c6df2541071ca8f8c825b5aa9ce3b8afabcdeff4c504
SHA512

4cd07e430e1ec33a9290673f80717c941c697cac952793e40be9f77c79e572667939a44a5f498c158242a2f143f9ce6222d04a948ff4cba8283a1e69391c6975
SSDEEP

3072:LR3JTDPB1zUc/H+0SwNayfX/k2C9SY6G5xYslSNag/p2:LvTDP0+TZar2C7oA

Score

10^/10

vobfus discovery upx worm

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

e4f8cb43ff3a4e35b502d584fc924cb0_JaffaCakes118.exe

Resource

win7-20240903-en

vobfus discovery upx worm

windows7-x64

9 signatures

150 seconds

Behavioral task

behavioral2

Sample

e4f8cb43ff3a4e35b502d584fc924cb0_JaffaCakes118.exe

Resource

win10v2004-20240802-en

vobfus discovery upx worm

windows10-2004-x64

9 signatures

150 seconds

Malware Config

Targets

- Target
  
  e4f8cb43ff3a4e35b502d584fc924cb0_JaffaCakes118
- Size
  
  176KB
- MD5
  
  e4f8cb43ff3a4e35b502d584fc924cb0
- SHA1
  
  e8593ba21adb977971d66066e600e3633a7a1bd4
- SHA256
  
  5e2395dce1bb61098d55c6df2541071ca8f8c825b5aa9ce3b8afabcdeff4c504
- SHA512
  
  4cd07e430e1ec33a9290673f80717c941c697cac952793e40be9f77c79e572667939a44a5f498c158242a2f143f9ce6222d04a948ff4cba8283a1e69391c6975
- SSDEEP
  
  3072:LR3JTDPB1zUc/H+0SwNayfX/k2C9SY6G5xYslSNag/p2:LvTDP0+TZar2C7oA
Score

10^/10

vobfus discovery upx worm
- Vobfus
  A widespread worm which spreads via network drives and removable media.
  worm vobfus
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Uses the VBS compiler for execution
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scripting

Persistence

Privilege Escalation

Defense Evasion

Scripting

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

vobfusdiscoveryupxworm

behavioral2

vobfusdiscoveryupxworm

© 2018-2025

Terms | Privacy