vjw0rm | f22945e84a4a8dc6ec66734fe9028884f8929fd6a862b1f65eb6de5d96ba8119 | Triage

Submit
Reports

Overview

overview

Static

static

ColisFR512...201.js

windows7_x64

ColisFR512...201.js

windows10_x64

Sharing

General

Target

ColisFR512562J01201.js
Size

335KB
Sample

210618-pf9sgx1tc6
MD5

9962eb28b9bc0bbc9352716673d2475b
SHA1

bd13e8fba4a7d087df8cdc51da3d1f185c25fe40
SHA256

f22945e84a4a8dc6ec66734fe9028884f8929fd6a862b1f65eb6de5d96ba8119
SHA512

00b7ffa0247096d58aea121a54ae9dd06adf382ba199d421e75ea9c81ab378b8ee10f9584fccd3d4baae02871b6e121beba9521583630643c7e922fcac8a2617

Score

10^/10

vjw0rm trojan worm

Static task

static1

Behavioral task

behavioral1

Sample

ColisFR512562J01201.js

Resource

win7v20210410

vjw0rm trojan worm

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

ColisFR512562J01201.js

Resource

win10v20210410

vjw0rm trojan worm

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  ColisFR512562J01201.js
- Size
  
  335KB
- MD5
  
  9962eb28b9bc0bbc9352716673d2475b
- SHA1
  
  bd13e8fba4a7d087df8cdc51da3d1f185c25fe40
- SHA256
  
  f22945e84a4a8dc6ec66734fe9028884f8929fd6a862b1f65eb6de5d96ba8119
- SHA512
  
  00b7ffa0247096d58aea121a54ae9dd06adf382ba199d421e75ea9c81ab378b8ee10f9584fccd3d4baae02871b6e121beba9521583630643c7e922fcac8a2617
Score

10^/10

vjw0rm trojan worm
- Vjw0rm
  Vjw0rm is a remote access trojan written in JavaScript.
  trojan worm vjw0rm
- Blocklisted process makes network request
- Drops startup file
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

vjw0rmtrojanworm

behavioral2

vjw0rmtrojanworm

© 2018-2024

Terms | Privacy