vjw0rm | e59652e1ac3f5b8b79e1092a9ff4d560dfccc4c0324d8f9d51070df9ff2430dc | Triage

Submit
Reports

Overview

overview

Static

static

162d0723_C...ZQn.js

windows7_x64

162d0723_C...ZQn.js

windows10_x64

Sharing

General

Target

162d0723_CZtsdzfZQn
Size

198KB
Sample

210908-fnpvsadfd3
MD5

162d0723e3a957771bdbf05f991e2835
SHA1

6ad81a6b1bf8814dc16086c6370949c610d3643e
SHA256

e59652e1ac3f5b8b79e1092a9ff4d560dfccc4c0324d8f9d51070df9ff2430dc
SHA512

f24e4cb1ec5bc2296df5cf89a034aa4e6e63af1bd84d040feb6a027ded16d08e3bd6f2c171741e60827e30cc91dbfce5c079d6366f0040f167049bc7e5e733a2

Score

10^/10

vjw0rm persistence trojan worm

Static task

static1

Behavioral task

behavioral1

Sample

162d0723_CZtsdzfZQn.js

Resource

win7v20210408

vjw0rm persistence trojan worm

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

162d0723_CZtsdzfZQn.js

Resource

win10-en

vjw0rm persistence trojan worm

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  162d0723_CZtsdzfZQn
- Size
  
  198KB
- MD5
  
  162d0723e3a957771bdbf05f991e2835
- SHA1
  
  6ad81a6b1bf8814dc16086c6370949c610d3643e
- SHA256
  
  e59652e1ac3f5b8b79e1092a9ff4d560dfccc4c0324d8f9d51070df9ff2430dc
- SHA512
  
  f24e4cb1ec5bc2296df5cf89a034aa4e6e63af1bd84d040feb6a027ded16d08e3bd6f2c171741e60827e30cc91dbfce5c079d6366f0040f167049bc7e5e733a2
Score

10^/10

vjw0rm persistence trojan worm
- Vjw0rm
  Vjw0rm is a remote access trojan written in JavaScript.
  trojan worm vjw0rm
- Blocklisted process makes network request
- Drops startup file
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

vjw0rmpersistencetrojanworm

behavioral2

vjw0rmpersistencetrojanworm

© 2018-2024

Terms | Privacy