vjw0rm | 1e4b0b6254e8f64254e54a9b587c58b1b315d3778f2f359c1e2fa8a5eedf2832 | Triage

Submit
Reports

Overview

overview

Static

static

29e6358d_a...v8n.js

windows7_x64

29e6358d_a...v8n.js

windows10_x64

Sharing

General

Target

29e6358d_aGAuLITv8n
Size

231KB
Sample

210903-fyegssccb7
MD5

29e6358dcc6c6518ff978ed2e06a097f
SHA1

963d7a5020461bf138b723518c4b606599ad18b4
SHA256

1e4b0b6254e8f64254e54a9b587c58b1b315d3778f2f359c1e2fa8a5eedf2832
SHA512

25310412f2e6b727cc990a17a6c6435a5c2380245beeae7fdfe45748bb7858d48910da032bf277322b7639bfb49c247f066aa3030758b344eb4403f88a9e4c62

Score

10^/10

vjw0rm persistence trojan worm

Static task

static1

Behavioral task

behavioral1

Sample

29e6358d_aGAuLITv8n.js

Resource

win7-en

vjw0rm persistence trojan worm

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

29e6358d_aGAuLITv8n.js

Resource

win10v20210408

vjw0rm persistence trojan worm

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  29e6358d_aGAuLITv8n
- Size
  
  231KB
- MD5
  
  29e6358dcc6c6518ff978ed2e06a097f
- SHA1
  
  963d7a5020461bf138b723518c4b606599ad18b4
- SHA256
  
  1e4b0b6254e8f64254e54a9b587c58b1b315d3778f2f359c1e2fa8a5eedf2832
- SHA512
  
  25310412f2e6b727cc990a17a6c6435a5c2380245beeae7fdfe45748bb7858d48910da032bf277322b7639bfb49c247f066aa3030758b344eb4403f88a9e4c62
Score

10^/10

vjw0rm persistence trojan worm
- Vjw0rm
  Vjw0rm is a remote access trojan written in JavaScript.
  trojan worm vjw0rm
- Blocklisted process makes network request
- Drops startup file
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

vjw0rmpersistencetrojanworm

behavioral2

vjw0rmpersistencetrojanworm

© 2018-2024

Terms | Privacy