vjw0rm | cf298e1886fb46e23b2607c3098fa945d9bbf12e0c6edd4a9ae9315f0150d058 | Triage

Sharing

General

Target

Soporte de pago realizado con exito en fecha .js
Size

1.8MB
Sample

210514-hn6vge1kdn
MD5

b6528071d31ea803a5e57eb69eec7265
SHA1

dc51b5004b167657acb13956aedb8f1153204642
SHA256

cf298e1886fb46e23b2607c3098fa945d9bbf12e0c6edd4a9ae9315f0150d058
SHA512

32bb7a3bd1a487637cbe995a7ef952baa1afc8d5a90ee0a83f0e0afc459f5e202f6ab7af8b12bcca9f8f0a96ad0fb86e9212b1efafdeddac5b4621820c485dfa

Score

10^/10

vjw0rm trojan worm

Malware Config

Targets

- Target
  
  Soporte de pago realizado con exito en fecha .js
- Size
  
  1.8MB
- MD5
  
  b6528071d31ea803a5e57eb69eec7265
- SHA1
  
  dc51b5004b167657acb13956aedb8f1153204642
- SHA256
  
  cf298e1886fb46e23b2607c3098fa945d9bbf12e0c6edd4a9ae9315f0150d058
- SHA512
  
  32bb7a3bd1a487637cbe995a7ef952baa1afc8d5a90ee0a83f0e0afc459f5e202f6ab7af8b12bcca9f8f0a96ad0fb86e9212b1efafdeddac5b4621820c485dfa
Score

10^/10

vjw0rm trojan worm
- Vjw0rm
  Vjw0rm is a remote access trojan written in JavaScript.
  trojan worm vjw0rm
- Blocklisted process makes network request
- Drops startup file
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

vjw0rmtrojanworm

behavioral2

vjw0rmtrojanworm