Overview

overview

10

Static

static

5

5488cb5ffa...cN.exe

windows7-x64

10

5488cb5ffa...cN.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    5488cb5ffae5805ad79d8d4edc11750d855c1c6eb507291d371387f969d5c20cN.exe

  • Size

    213KB

  • Sample

    241217-f3h1sasqer

  • MD5

    025c99c2db124cfa01e4f382245a5eb0

  • SHA1

    093b21bbecc4b80ec700360ac633f5ba46360fe2

  • SHA256

    5488cb5ffae5805ad79d8d4edc11750d855c1c6eb507291d371387f969d5c20c

  • SHA512

    ddc0595037bc3e8cd262b1c67fd3344fced17c50f99d805d1db6f1f6143236f0e978363e3f47388b021417f15e23cf2c96e34473b235be8aac4dd598a43bebcf

  • SSDEEP

    3072:+tnC1KpYs3ggunWFnzBHv/xWFsg8Wat/LFAVWPE5ac0l+nkS71CKbO1hvQ:34BBHng5HaZFj+nkS71CKbO1N

Score
10/10
vobfusdiscoverypersistenceupxworm

Malware Config

Targets

    • Target

      5488cb5ffae5805ad79d8d4edc11750d855c1c6eb507291d371387f969d5c20cN.exe

    • Size

      213KB

    • MD5

      025c99c2db124cfa01e4f382245a5eb0

    • SHA1

      093b21bbecc4b80ec700360ac633f5ba46360fe2

    • SHA256

      5488cb5ffae5805ad79d8d4edc11750d855c1c6eb507291d371387f969d5c20c

    • SHA512

      ddc0595037bc3e8cd262b1c67fd3344fced17c50f99d805d1db6f1f6143236f0e978363e3f47388b021417f15e23cf2c96e34473b235be8aac4dd598a43bebcf

    • SSDEEP

      3072:+tnC1KpYs3ggunWFnzBHv/xWFsg8Wat/LFAVWPE5ac0l+nkS71CKbO1hvQ:34BBHng5HaZFj+nkS71CKbO1N

    Score
    10/10
    vobfusdiscoverypersistenceupxworm

    • Vobfus

      A widespread worm which spreads via network drives and removable media.

      wormvobfus

    • Vobfus family

      vobfus

    • Adds policy Run key to start application

      persistence

    • Adds Run key to start application

      persistence

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks