vjw0rm | bad7e710a6dc0ea01d0c38668474bb67206bef3263471e474afb302c83e46a77 | Triage

Submit
Reports

Overview

overview

Static

static

PayCopy.js

windows7_x64

1

PayCopy.js

windows10-2004_x64

Sharing

General

Target

bad7e710a6dc0ea01d0c38668474bb67206bef3263471e474afb302c83e46a77
Size

27KB
Sample

220206-zrv1racac4
MD5

6776987609a029752b2b4e5407339d1a
SHA1

e2e14053ac96ceef5eb76574d209750d9c13dedc
SHA256

bad7e710a6dc0ea01d0c38668474bb67206bef3263471e474afb302c83e46a77
SHA512

7a6456fe826e8b3c862d623c7170c572c94a4edb1758f4f3ac55a8fdb52f9588b04de46bceb8e4dfc22fe6dc341772639b1e9d18710bff4d565dd4f4e54997ca

Score

10^/10

vjw0rm trojan worm

Static task

static1

Behavioral task

behavioral1

Sample

PayCopy.js

Resource

win7-en-20211208

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

PayCopy.js

Resource

win10v2004-en-20220113

vjw0rm trojan worm

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  PayCopy.js
- Size
  
  25KB
- MD5
  
  e1dbb7b7a6ecf80408eb1d3ace545a37
- SHA1
  
  6a68c65931c81681e4bb93cadbca46b512930942
- SHA256
  
  ebc4b05b8cc66eb56ecfa8457cfa10e219ac335ee379a825a9edbd445ab0a1a4
- SHA512
  
  834be4f3be91d68712e00363a611f92f635684dc52840b61db5d86f19204e23fbc9e6fcc94c04766c3ebc995810cced5a8b015fedf28400fcbf6ce6b233e4065
Score

10^/10

vjw0rm trojan worm
- Vjw0rm
  Vjw0rm is a remote access trojan written in JavaScript.
  trojan worm vjw0rm
- Blocklisted process makes network request
- Drops startup file
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2

vjw0rmtrojanworm

© 2018-2024

Terms | Privacy