Overview

overview

10

Static

static

3

2044efebbf...56.exe

windows7-x64

10

2044efebbf...56.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2044efebbfdf46d92a131cfb206ac345f25c5d7e8f168f9001671e7c3e6e4f56.exe

  • Size

    204KB

  • Sample

    241122-2fxfjsxkcm

  • MD5

    a9bedff77a42ea393e2d152007c2cb1a

  • SHA1

    da93a867fc4822c04b13238b6a960d477ff13cb3

  • SHA256

    2044efebbfdf46d92a131cfb206ac345f25c5d7e8f168f9001671e7c3e6e4f56

  • SHA512

    69389e7b65e899062203486a440df58764f6f65d8f4aa12a32c8eedd00821ea64fab8a4a8bd3f660cb44d0f5be9716e1d52510746e3fe8bfa386f94f19d22eb2

  • SSDEEP

    3072:3Hjk+0oLnWFnzBHv/xWFsg8WatFBGFVWPE5ac0pG/1z+QVMbg1h:Xo/BHng5HaVG4G/1z+QVMbg1h

Score
10/10
vobfusdiscoverypersistenceworm

Malware Config

Targets

    • Target

      2044efebbfdf46d92a131cfb206ac345f25c5d7e8f168f9001671e7c3e6e4f56.exe

    • Size

      204KB

    • MD5

      a9bedff77a42ea393e2d152007c2cb1a

    • SHA1

      da93a867fc4822c04b13238b6a960d477ff13cb3

    • SHA256

      2044efebbfdf46d92a131cfb206ac345f25c5d7e8f168f9001671e7c3e6e4f56

    • SHA512

      69389e7b65e899062203486a440df58764f6f65d8f4aa12a32c8eedd00821ea64fab8a4a8bd3f660cb44d0f5be9716e1d52510746e3fe8bfa386f94f19d22eb2

    • SSDEEP

      3072:3Hjk+0oLnWFnzBHv/xWFsg8WatFBGFVWPE5ac0pG/1z+QVMbg1h:Xo/BHng5HaVG4G/1z+QVMbg1h

    Score
    10/10
    vobfusdiscoverypersistenceworm

    • Vobfus

      A widespread worm which spreads via network drives and removable media.

      wormvobfus

    • Vobfus family

      vobfus

    • Adds policy Run key to start application

      persistence

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks