vjw0rm | 5bc2b0c80deeed2b330b57fc9324fd773e86cfc04bb793f8ba34e165e8165bcf | Triage

Sharing

General

Target

Receipt.tar
Size

27KB
Sample

210226-n1nt2jsrvn
MD5

6c95d3e2708f1585a44c7bf67a807721
SHA1

2916a9238ba31175012662da10d677b8e7b11567
SHA256

5bc2b0c80deeed2b330b57fc9324fd773e86cfc04bb793f8ba34e165e8165bcf
SHA512

1de44ccd882db31ae2abab116816b124120bf29cc37f5339a608a2ef5ff2285ab055e579ba5d9f7fdc326f7ef146e61a55ff4cbd363239b918fc74998ec8c6e8

Score

10^/10

vjw0rm trojan worm

Malware Config

Targets

- Target
  
  Receipt.js
- Size
  
  25KB
- MD5
  
  84f3f222c717a35af83fef144ed95736
- SHA1
  
  3dac370ffdcd4978abf35181cfd8472b8f472a9e
- SHA256
  
  2f222cf2393537683a329ee33618b7a0cda47cad19e28f4f39e15e6757e9c2d3
- SHA512
  
  64aa583b0e982bdb6a4e4e7bfe91c7118787a3cd71998b1f7ce656d43cc816d3b07f6cbc0eeaecec3ba13a0a0e1709f5b271ba1e9e5ba308be878a22591a65b8
Score

10^/10

vjw0rm trojan worm
- Vjw0rm
  Vjw0rm is a remote access trojan written in JavaScript.
  trojan worm vjw0rm
- Blocklisted process makes network request
- Drops startup file
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2

vjw0rmtrojanworm