adwind | 1fe0dc90be0152ee76d1775410359e28cc6e5ded3313cbf2ab356167d7f23e86 | Triage

Submit
Reports

Overview

overview

Static

static

Viaggitrem...er.jar

windows7_x64

Viaggitrem...er.jar

windows10_x64

Sharing

General

Target

Viaggitremila order.jar
Size

704KB
Sample

220113-qsdy7aaeb8
MD5

e6e48b9ddfccd128b550d3b358ce661d
SHA1

2e6d545e82019c0d64144d18bbec436909dcae66
SHA256

1fe0dc90be0152ee76d1775410359e28cc6e5ded3313cbf2ab356167d7f23e86
SHA512

83ebff23bfc7892e3a062aa1a01a0d9494999ac0e5c9891f241500acfa6e21ba3a6add83f333237875d92323e52f8fb054038f2a6de4f447357a898fdacf8fdf

Score

10^/10

adwind vjw0rm persistence trojan worm

Static task

static1

Behavioral task

behavioral1

Sample

Viaggitremila order.jar

Resource

win7-en-20211208

adwind vjw0rm persistence trojan worm

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

Viaggitremila order.jar

Resource

win10-en-20211208

vjw0rm persistence trojan worm

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  Viaggitremila order.jar
- Size
  
  704KB
- MD5
  
  e6e48b9ddfccd128b550d3b358ce661d
- SHA1
  
  2e6d545e82019c0d64144d18bbec436909dcae66
- SHA256
  
  1fe0dc90be0152ee76d1775410359e28cc6e5ded3313cbf2ab356167d7f23e86
- SHA512
  
  83ebff23bfc7892e3a062aa1a01a0d9494999ac0e5c9891f241500acfa6e21ba3a6add83f333237875d92323e52f8fb054038f2a6de4f447357a898fdacf8fdf
Score

10^/10

adwind vjw0rm persistence trojan worm
- AdWind
  A Java-based RAT family operated as malware-as-a-service.
  trojan adwind
- Vjw0rm
  Vjw0rm is a remote access trojan written in JavaScript.
  trojan worm vjw0rm
- Blocklisted process makes network request
- Drops startup file
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

adwindvjw0rmpersistencetrojanworm

behavioral2

vjw0rmpersistencetrojanworm

© 2018-2024

Terms | Privacy