vjw0rm | 2737e40a0ee412e45e133777d5025d2563f062f6d92044a9f11463ed4d05bf49 | Triage

Submit
Reports

Overview

overview

Static

static

Colis-Suiv...303.js

windows7_x64

Colis-Suiv...303.js

windows10_x64

Sharing

General

Target

Colis-SuiviFR18834Y7829303.js
Size

29KB
Sample

210428-ty96wkp2cj
MD5

c235afe7ae03c920b74a58edaf14afad
SHA1

58ba64f156237f4305d3b96e5cf5fdd60dcb8b19
SHA256

2737e40a0ee412e45e133777d5025d2563f062f6d92044a9f11463ed4d05bf49
SHA512

ee1f0d634153987f92d5efe467caba8fabb13c2c3816f9d45d0a9389a5b7d6aa6b037a366a2f17e0f7d630716901494aab98eada6c085b892ccecb0b26dc2720

Score

10^/10

vjw0rm trojan worm

Static task

static1

Behavioral task

behavioral1

Sample

Colis-SuiviFR18834Y7829303.js

Resource

win7v20210410

vjw0rm trojan worm

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

Colis-SuiviFR18834Y7829303.js

Resource

win10v20210408

vjw0rm trojan worm

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  Colis-SuiviFR18834Y7829303.js
- Size
  
  29KB
- MD5
  
  c235afe7ae03c920b74a58edaf14afad
- SHA1
  
  58ba64f156237f4305d3b96e5cf5fdd60dcb8b19
- SHA256
  
  2737e40a0ee412e45e133777d5025d2563f062f6d92044a9f11463ed4d05bf49
- SHA512
  
  ee1f0d634153987f92d5efe467caba8fabb13c2c3816f9d45d0a9389a5b7d6aa6b037a366a2f17e0f7d630716901494aab98eada6c085b892ccecb0b26dc2720
Score

10^/10

vjw0rm trojan worm
- Vjw0rm
  Vjw0rm is a remote access trojan written in JavaScript.
  trojan worm vjw0rm
- Blocklisted process makes network request
- Drops startup file
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

vjw0rmtrojanworm

behavioral2

vjw0rmtrojanworm

© 2018-2024

Terms | Privacy