vjw0rm | 1979a4cb2bce7004fc12ce7a5a51b2612b95cd0a09c8a86fbcc633088ec743aa | Triage

Sharing

General

Target

Sistema Penal Oral Acusatorio Jurisdiccion Colombia Anexamos detalle de denuncia en su contra y motivos que dieron lugar a la activación del aparato fiscal en su contra.js
Size

24KB
Sample

210330-czz7e9a1rx
MD5

4e1221e9eac1540f514f70d837fc1a42
SHA1

eb8c139d3bc5d463b927679d1ff61c2667bcb52e
SHA256

1979a4cb2bce7004fc12ce7a5a51b2612b95cd0a09c8a86fbcc633088ec743aa
SHA512

c1f20b0b77c6e961d7cc1fedcdba2de1db07d7917ba70e2898d7720e30a06c2da6293de40fd244af66a91aaa0cdbe6e40daa4a82e07314fbac9d9f4567d8b45a

Score

10^/10

vjw0rm persistence trojan worm

Malware Config

Targets

- Target
  
  Sistema Penal Oral Acusatorio Jurisdiccion Colombia Anexamos detalle de denuncia en su contra y motivos que dieron lugar a la activación del aparato fiscal en su contra.js
- Size
  
  24KB
- MD5
  
  4e1221e9eac1540f514f70d837fc1a42
- SHA1
  
  eb8c139d3bc5d463b927679d1ff61c2667bcb52e
- SHA256
  
  1979a4cb2bce7004fc12ce7a5a51b2612b95cd0a09c8a86fbcc633088ec743aa
- SHA512
  
  c1f20b0b77c6e961d7cc1fedcdba2de1db07d7917ba70e2898d7720e30a06c2da6293de40fd244af66a91aaa0cdbe6e40daa4a82e07314fbac9d9f4567d8b45a
Score

10^/10

vjw0rm persistence trojan worm
- Vjw0rm
  Vjw0rm is a remote access trojan written in JavaScript.
  trojan worm vjw0rm
- Blocklisted process makes network request
- Drops startup file
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

vjw0rmpersistencetrojanworm

behavioral2

vjw0rmpersistencetrojanworm