vjw0rm | d4276b4b8112c9cd47f919bbec2dd4c411c18e3727b8232e89240652b9becc1c | Triage

Submit
Reports

Overview

overview

Static

static

5bed3acd_i...l4H.js

windows7_x64

5bed3acd_i...l4H.js

windows10_x64

Sharing

General

Target

5bed3acd_ijm1WfCl4H
Size

901KB
Sample

210910-fppamscdcp
MD5

5bed3acd00a2c4a7f40d0a90f712279f
SHA1

04ee09c5ca9227991e240fb8fadf0ab04358791f
SHA256

d4276b4b8112c9cd47f919bbec2dd4c411c18e3727b8232e89240652b9becc1c
SHA512

aea4ff20e67d2452cbb64cf1fab93e5376155c0f216bf75a2e41eee9a9477cf63b131fee13211e310f81dbdfd754870238a9f402d69767b7e23a2a1e50392c42

Score

10^/10

vjw0rm persistence trojan worm

Static task

static1

Behavioral task

behavioral1

Sample

5bed3acd_ijm1WfCl4H.js

Resource

win7v20210408

vjw0rm persistence trojan worm

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

5bed3acd_ijm1WfCl4H.js

Resource

win10v20210408

vjw0rm persistence trojan worm

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  5bed3acd_ijm1WfCl4H
- Size
  
  901KB
- MD5
  
  5bed3acd00a2c4a7f40d0a90f712279f
- SHA1
  
  04ee09c5ca9227991e240fb8fadf0ab04358791f
- SHA256
  
  d4276b4b8112c9cd47f919bbec2dd4c411c18e3727b8232e89240652b9becc1c
- SHA512
  
  aea4ff20e67d2452cbb64cf1fab93e5376155c0f216bf75a2e41eee9a9477cf63b131fee13211e310f81dbdfd754870238a9f402d69767b7e23a2a1e50392c42
Score

10^/10

vjw0rm persistence trojan worm
- Vjw0rm
  Vjw0rm is a remote access trojan written in JavaScript.
  trojan worm vjw0rm
- Blocklisted process makes network request
- Drops startup file
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

vjw0rmpersistencetrojanworm

behavioral2

vjw0rmpersistencetrojanworm

© 2018-2024

Terms | Privacy