vjw0rm | 4a157e8aa3f27b82f9a55d21989604a9570c9d0a6eb3a36ce8e5866513abcc73 | Triage

Sharing

General

Target

PaymentConfirmation.js
Size

24KB
Sample

210603-7wm6p2ypp6
MD5

575eb4b9c7430dece77eb2d8ed3b5997
SHA1

22ac1f40d7611d4f72507a46a4912935a5de79c4
SHA256

4a157e8aa3f27b82f9a55d21989604a9570c9d0a6eb3a36ce8e5866513abcc73
SHA512

bfa6c2ba1cf45bc4ea6c0fff05ab77bfd84c1ba13fffcbdca82961a2cd57a8332a2aa916e21e4235ddab29d37e49d1684b2696d932da94cb19879c71262bc597

Score

10^/10

vjw0rm trojan worm

Malware Config

Targets

- Target
  
  PaymentConfirmation.js
- Size
  
  24KB
- MD5
  
  575eb4b9c7430dece77eb2d8ed3b5997
- SHA1
  
  22ac1f40d7611d4f72507a46a4912935a5de79c4
- SHA256
  
  4a157e8aa3f27b82f9a55d21989604a9570c9d0a6eb3a36ce8e5866513abcc73
- SHA512
  
  bfa6c2ba1cf45bc4ea6c0fff05ab77bfd84c1ba13fffcbdca82961a2cd57a8332a2aa916e21e4235ddab29d37e49d1684b2696d932da94cb19879c71262bc597
Score

10^/10

vjw0rm trojan worm
- Vjw0rm
  Vjw0rm is a remote access trojan written in JavaScript.
  trojan worm vjw0rm
- Blocklisted process makes network request
- Drops startup file
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

vjw0rmtrojanworm

behavioral2

vjw0rmtrojanworm