General
-
Target
Account sheet .jpg.js
-
Size
15KB
-
Sample
211130-hrhlzsebck
-
MD5
df9656ed02964c805f934e28abf9ebee
-
SHA1
76ab9cc502134c1c9a45d77e43bdb1c8273d43a8
-
SHA256
7708fbfa03f5eb10ade6b19f0a09af9c9ec4f6353e6be67ab045dca5d2e3b801
-
SHA512
cd457985dd298de401f0c0d06c4e2cb13c1c4833cbac97e2db9fd038da741b2d77a5566328ef1768a9b728345d8c18924c1f818413d5edc56d5b57386eb63566
Score
10/10
Malware Config
Extracted
Family
vjw0rm
C2
http://77.247.110.107:7849
Targets
-
-
Target
Account sheet .jpg.js
-
Size
15KB
-
MD5
df9656ed02964c805f934e28abf9ebee
-
SHA1
76ab9cc502134c1c9a45d77e43bdb1c8273d43a8
-
SHA256
7708fbfa03f5eb10ade6b19f0a09af9c9ec4f6353e6be67ab045dca5d2e3b801
-
SHA512
cd457985dd298de401f0c0d06c4e2cb13c1c4833cbac97e2db9fd038da741b2d77a5566328ef1768a9b728345d8c18924c1f818413d5edc56d5b57386eb63566
Score10/10-
Vjw0rm
Vjw0rm is a remote access trojan written in JavaScript.
-
Blocklisted process makes network request
-
Drops startup file
-