vjw0rm | 07b0274fcfd6bba6f5056eff77692987aeea03ff2fe978a5b8c097e842df5c41 | Triage

Submit
Reports

Overview

overview

Static

static

1.js

windows7_x64

1.js

windows10_x64

Sharing

General

Target

1.js
Size

914KB
Sample

210830-yvfkmaebrs
MD5

54d7a9612b5b6ae8d92d1dee6afc77ba
SHA1

566c13b7d4499a7d74e627ce818e10a65d9e1f47
SHA256

07b0274fcfd6bba6f5056eff77692987aeea03ff2fe978a5b8c097e842df5c41
SHA512

539491dc967fd97292d7f945d02e0c439566a8e805da0da3e31bef2313c8b20895828f7fa11a9801e5f6d638a565e45fe5fd1fbf3b579c6e27b8b31a76c3bece

Score

10^/10

vjw0rm persistence trojan worm

Static task

static1

Behavioral task

behavioral1

Sample

1.js

Resource

win7v20210408

vjw0rm persistence trojan worm

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

1.js

Resource

win10v20210408

vjw0rm persistence trojan worm

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  1.js
- Size
  
  914KB
- MD5
  
  54d7a9612b5b6ae8d92d1dee6afc77ba
- SHA1
  
  566c13b7d4499a7d74e627ce818e10a65d9e1f47
- SHA256
  
  07b0274fcfd6bba6f5056eff77692987aeea03ff2fe978a5b8c097e842df5c41
- SHA512
  
  539491dc967fd97292d7f945d02e0c439566a8e805da0da3e31bef2313c8b20895828f7fa11a9801e5f6d638a565e45fe5fd1fbf3b579c6e27b8b31a76c3bece
Score

10^/10

vjw0rm persistence trojan worm
- Vjw0rm
  Vjw0rm is a remote access trojan written in JavaScript.
  trojan worm vjw0rm
- Blocklisted process makes network request
- Drops startup file
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

vjw0rmpersistencetrojanworm

behavioral2

vjw0rmpersistencetrojanworm

© 2018-2024

Terms | Privacy