Overview

overview

10

Static

static

Receipt.js

windows7_x64

1

Receipt.js

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Receipt.js

  • Size

    25KB

  • Sample

    210226-xxxm3jwfy2

  • MD5

    84f3f222c717a35af83fef144ed95736

  • SHA1

    3dac370ffdcd4978abf35181cfd8472b8f472a9e

  • SHA256

    2f222cf2393537683a329ee33618b7a0cda47cad19e28f4f39e15e6757e9c2d3

  • SHA512

    64aa583b0e982bdb6a4e4e7bfe91c7118787a3cd71998b1f7ce656d43cc816d3b07f6cbc0eeaecec3ba13a0a0e1709f5b271ba1e9e5ba308be878a22591a65b8

Score
10/10
vjw0rmtrojanworm

Malware Config

Targets

    • Target

      Receipt.js

    • Size

      25KB

    • MD5

      84f3f222c717a35af83fef144ed95736

    • SHA1

      3dac370ffdcd4978abf35181cfd8472b8f472a9e

    • SHA256

      2f222cf2393537683a329ee33618b7a0cda47cad19e28f4f39e15e6757e9c2d3

    • SHA512

      64aa583b0e982bdb6a4e4e7bfe91c7118787a3cd71998b1f7ce656d43cc816d3b07f6cbc0eeaecec3ba13a0a0e1709f5b271ba1e9e5ba308be878a22591a65b8

    Score
    10/10
    vjw0rmtrojanworm

    • Vjw0rm

      Vjw0rm is a remote access trojan written in JavaScript.

      trojanwormvjw0rm

    • Blocklisted process makes network request

    • Drops startup file

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks