vjw0rm | 958f80da5df82178bb338137751b142675a89035163481b18833097fc0dce07d | Triage

Submit
Reports

Overview

overview

Static

static

ReceiptCopy.js

windows7_x64

1

ReceiptCopy.js

windows10-2004_x64

Sharing

General

Target

958f80da5df82178bb338137751b142675a89035163481b18833097fc0dce07d
Size

27KB
Sample

220206-yz4r7abgdm
MD5

4f59f085081fb6c1af760c8e275c6b31
SHA1

6621c1dd683fa34ad2c1ef5b271b10d1877a05e9
SHA256

958f80da5df82178bb338137751b142675a89035163481b18833097fc0dce07d
SHA512

91aa889579169a8d200545b727cc924146ba87c38e3144f349cd56bb8d31c86a7c022b9659f7aaed025fdde46eb1e84f9832af95e105ccbeb9eefe01702fdc57

Score

10^/10

vjw0rm trojan worm

Static task

static1

Behavioral task

behavioral1

Sample

ReceiptCopy.js

Resource

win7-en-20211208

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

ReceiptCopy.js

Resource

win10v2004-en-20220113

vjw0rm trojan worm

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  ReceiptCopy.js
- Size
  
  25KB
- MD5
  
  536b0fc3b2936a2ef9a6e08782cdbad9
- SHA1
  
  4d8edcd50a350250bb2417386265409e456bf398
- SHA256
  
  f436de95648150b40d034da2e8230a06c036a40ea3d59ac38f50dac80e90e08e
- SHA512
  
  ec824a34d66cba7dc3e34457bb1fcea448f691468e260bf94edf6ab0c560139997f53036b031ef9974d38200d8065cc7d91c02ef82d029981a8854bb97cb70c6
Score

10^/10

vjw0rm trojan worm
- Vjw0rm
  Vjw0rm is a remote access trojan written in JavaScript.
  trojan worm vjw0rm
- Blocklisted process makes network request
- Drops startup file
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2

vjw0rmtrojanworm

© 2018-2024

Terms | Privacy