Overview

overview

10

Static

static

DetailsCopy.js

windows7_x64

1

DetailsCopy.js

windows10-2004_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    6589d372bf8c9a60d6ec5e93b0a72c724d67107353eaeae7509c76ef43c9f5ff

  • Size

    27KB

  • Sample

    220206-zsa2zacaaj

  • MD5

    cfbdcd2758e7e844b439ecff4ab10c08

  • SHA1

    e911b117ba17c51f12d5545bfe2609051c13cf32

  • SHA256

    6589d372bf8c9a60d6ec5e93b0a72c724d67107353eaeae7509c76ef43c9f5ff

  • SHA512

    50ccb032290a6122f11cee1b7903eca3267180c0f98c221bfe7d641e9e5439e3fbf84d18e15c90c5d96b32b3611b2d083b49f7802e5ee01c42a80f0f13854c00

Score
10/10
vjw0rmtrojanworm

Malware Config

Targets

    • Target

      DetailsCopy.js

    • Size

      25KB

    • MD5

      4e58cca87a3826cf268a10c17fbb16c2

    • SHA1

      a4659cf24243d6f8dec0b0fd10b80f4f69af2335

    • SHA256

      99f995f2a166ae50c3676b47bf364024aec92bed8f68136a8a6c9ddc74d6f879

    • SHA512

      04bf971c5ad9a56b48959213685a3072113004e9c6ee2f8ca2ea9f19e03cefb57a90bed68209fb14ef942d6000a5ca467009c0caba481eb842c740af365adb83

    Score
    10/10
    vjw0rmtrojanworm

    • Vjw0rm

      Vjw0rm is a remote access trojan written in JavaScript.

      trojanwormvjw0rm

    • Blocklisted process makes network request

    • Drops startup file

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks