Overview

overview

10

Static

static

NOTICIA CR...PRA.js

windows7_x64

10

NOTICIA CR...PRA.js

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    NOTICIA CRIMINAL 110016102371202002915 FISCALIA 45 UNIDAD DE DIRECCIONAMIENTO E INTERVENCION TEMPRANA DE DENUNCIAS DIRECCION SECCIONAL DE BOGOTA.js

  • Size

    1.9MB

  • Sample

    210325-2l2cvses8j

  • MD5

    2f7b470220998650eb5f84d1383a2bf5

  • SHA1

    9fc5c65ceee450516511bb0f67cb210af35b6990

  • SHA256

    fb20cecaefc9640ac841d03595623bbd8b7fdb19a10ff0fcb777e691fdcda47b

  • SHA512

    0fd2ec177e49f301ed34d002c951f25a9ce529a1c1519d043e2470dafc83ef9fd6e42ee24b4eaa66a67dc26e26a98a0d3ae4ca9be46ccc6c63822d02952e8163

Score
10/10
vjw0rmtrojanworm

Malware Config

Targets

    • Target

      NOTICIA CRIMINAL 110016102371202002915 FISCALIA 45 UNIDAD DE DIRECCIONAMIENTO E INTERVENCION TEMPRANA DE DENUNCIAS DIRECCION SECCIONAL DE BOGOTA.js

    • Size

      1.9MB

    • MD5

      2f7b470220998650eb5f84d1383a2bf5

    • SHA1

      9fc5c65ceee450516511bb0f67cb210af35b6990

    • SHA256

      fb20cecaefc9640ac841d03595623bbd8b7fdb19a10ff0fcb777e691fdcda47b

    • SHA512

      0fd2ec177e49f301ed34d002c951f25a9ce529a1c1519d043e2470dafc83ef9fd6e42ee24b4eaa66a67dc26e26a98a0d3ae4ca9be46ccc6c63822d02952e8163

    Score
    10/10
    vjw0rmtrojanworm

    • Vjw0rm

      Vjw0rm is a remote access trojan written in JavaScript.

      trojanwormvjw0rm

    • Blocklisted process makes network request

    • Drops startup file

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Scheduled Task

1
T1053

Persistence

Scheduled Task

1
T1053

Privilege Escalation

Scheduled Task

1
T1053

Defense Evasion

Credential Access

Discovery

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks