General

  • Target

    N10122504542.vbs

  • Size

    222B

  • Sample

    210723-lkc8br81f2

  • MD5

    525e82abf80d9b94e67411a21b2cc770

  • SHA1

    53039125576e8375c07980c298874fc90a61cfda

  • SHA256

    44a6ab8793ef79cc7c270c17c7390297f2532a5351bc9cc330afeb61cca6d1a0

  • SHA512

    358aa84833473ef2fcf5110f92bf12d74e2f3494dd6db69ab010682a6da937ca7db59d32e1a83b10dc2ba9e6a058c22aa8887b6000692655e51ab76dcf690b9d

Score
10/10

Malware Config

Targets

    • Vjw0rm

      Vjw0rm is a remote access trojan written in JavaScript.

    • Blocklisted process makes network request

    • Executes dropped EXE

    • Drops startup file

    • Loads dropped DLL

MITRE ATT&CK Matrix (ATT&CK v6)

Defense Evasion

  • Modify Registry (T1112): 2

  • Install Root Certificate (T1130): 1

Discovery

  • System Information Discovery (T1082): 1

Tasks