General

  • Target

    ID88910662802.js

  • Size

    29KB

  • Sample

    210420-wrwn3wamga

  • MD5

    222e7ad19fb35b7108429b6040c3bff6

  • SHA1

    a38b37964a19cb6fdcfd5110fb415f8d1ed943b5

  • SHA256

    24819fecd0dbc69d5f646ca085ac76ddd5229f1762d8bb7938c1244e880e075a

  • SHA512

    7a75ac4221734b01482638120e27ff5bff338a04820ad8fafaf246e898387fca956c73a17aca68d13c8900ebceb44db011f9536ecb3dbfa818f965c10ec8e76c

Score
10/10

Malware Config

Targets

    Score
    10/10
    • Vjw0rm

      Vjw0rm is a remote access trojan written in JavaScript.

    • Blocklisted process makes network request

    • Drops startup file

MITRE ATT&CK Matrix ATT&CK v6

Discovery

System Information Discovery

1
T1082
