Overview

overview

10

Static

static

ID829301992003.js

windows7_x64

10

ID829301992003.js

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    ID829301992003.js

  • Size

    29KB

  • Sample

    210421-wwchh4mfhs

  • MD5

    d79e90f5a36512261c3108cbe6637acd

  • SHA1

    6c09c49272c34917b18cf4888dda1e64fc51360d

  • SHA256

    383ce97511c3f308482000d1d303cb4a6ec072d0ec3084c0522ef0e2351bccd9

  • SHA512

    a0fb51064a1b08afcb0cb1e6293ff8d8255e5b5b86c73407d508054c65fd86a1f8ea0114d97c9b7627984e2b218c3b12af8c737eb2f5883f632a1d50d355580c

Score
10/10
vjw0rmtrojanworm

Malware Config

Targets

    • Target

      ID829301992003.js

    • Size

      29KB

    • MD5

      d79e90f5a36512261c3108cbe6637acd

    • SHA1

      6c09c49272c34917b18cf4888dda1e64fc51360d

    • SHA256

      383ce97511c3f308482000d1d303cb4a6ec072d0ec3084c0522ef0e2351bccd9

    • SHA512

      a0fb51064a1b08afcb0cb1e6293ff8d8255e5b5b86c73407d508054c65fd86a1f8ea0114d97c9b7627984e2b218c3b12af8c737eb2f5883f632a1d50d355580c

    Score
    10/10
    vjw0rmtrojanworm

    • Vjw0rm

      Vjw0rm is a remote access trojan written in JavaScript.

      trojanwormvjw0rm

    • Blocklisted process makes network request

    • Drops startup file

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks