vjw0rm | 85d27bf2a41d6a4823743d4efd47fc86eee2cc40f25bcbc70d3fdb506b689eb0 | Triage

Submit
Reports

Overview

overview

Static

static

POS0456.js

windows7_x64

1

POS0456.js

windows10-2004_x64

Sharing

General

Target

85d27bf2a41d6a4823743d4efd47fc86eee2cc40f25bcbc70d3fdb506b689eb0
Size

27KB
Sample

220206-3fwdxscgeq
MD5

b9a8389b8a6b04018521f3246a8b0e26
SHA1

3452604c2c4d3cad75b623cfbf0fb0d78c3b546c
SHA256

85d27bf2a41d6a4823743d4efd47fc86eee2cc40f25bcbc70d3fdb506b689eb0
SHA512

7880b2a4d38ff8055bbbd81fb31791ac0f758f13bcdd60af2e31448cf4dc23efd7ab54e64d9149b7543103980404c7927e5433e57d0776b4c4bc7ccd71d3550b

Score

10^/10

vjw0rm trojan worm

Static task

static1

Behavioral task

behavioral1

Sample

POS0456.js

Resource

win7-en-20211208

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

POS0456.js

Resource

win10v2004-en-20220112

vjw0rm trojan worm

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  POS0456.js
- Size
  
  25KB
- MD5
  
  f6a5d685af3f8006ae0bbe7799ee13b3
- SHA1
  
  242b73ccde449723c133c65768cdddd1a0187d8e
- SHA256
  
  88c48ebfd908debd8b8c89470957a4c56ed11f5ab3a3255d50d82fc3796c954c
- SHA512
  
  a6b5d939585413a6fd07d3b3a82fb7ebb574bbfa9b355c06dbf8848bad54fb084c0e5e1f3c3a847e2be09ae4ac410949a1243747f6eaee742fba1b1a70278b05
Score

10^/10

vjw0rm trojan worm
- Vjw0rm
  Vjw0rm is a remote access trojan written in JavaScript.
  trojan worm vjw0rm
- Blocklisted process makes network request
- Drops startup file
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Query Registry

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2

vjw0rmtrojanworm

© 2018-2024

Terms | Privacy