vjw0rm | 7f205faa4e3efc5c69c39bd714e4578511cda0c2c53ba01ca208b55a3a21954a | Triage

Submit
Reports

Overview

overview

Static

static

PaymentReceipy.js

windows7_x64

1

PaymentReceipy.js

windows10-2004_x64

Sharing

General

Target

7f205faa4e3efc5c69c39bd714e4578511cda0c2c53ba01ca208b55a3a21954a
Size

27KB
Sample

220207-189e5saee6
MD5

eba028e515f7ab126753a9f0e2dc4b1e
SHA1

647d962a1a72021707c0753269d3f6b82e04ab19
SHA256

7f205faa4e3efc5c69c39bd714e4578511cda0c2c53ba01ca208b55a3a21954a
SHA512

a8f952047db2e354bd5c8e6eb6851d6bafc37677375b546557abd60f84bea90b9642631a9bccf12e81dbd1f3bd914607e8a1fbbd5ad3e4776debd57deb1adbb5

Score

10^/10

vjw0rm trojan worm

Static task

static1

Behavioral task

behavioral1

Sample

PaymentReceipy.js

Resource

win7-en-20211208

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

PaymentReceipy.js

Resource

win10v2004-en-20220113

vjw0rm trojan worm

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  PaymentReceipy.js
- Size
  
  25KB
- MD5
  
  656fc1d85b05c8e8055d66a5968e4124
- SHA1
  
  92d9e5ff24aa8be8d546f2883cf263d07358c629
- SHA256
  
  852aa3c31a05674bc43143e9d8586db07e7ffd782fcaec1f9383726f6330c90a
- SHA512
  
  8f9f63ef76c2d553bfa0ec68adf6fae028383921634d1a9f04dd2828f02e0a8ea45b0e120372f017dddfe6a32c38536d3ff4b3b943c83fd0c70f448868c0afd0
Score

10^/10

vjw0rm trojan worm
- Vjw0rm
  Vjw0rm is a remote access trojan written in JavaScript.
  trojan worm vjw0rm
- Blocklisted process makes network request
- Drops startup file
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2

vjw0rmtrojanworm

© 2018-2024

Terms | Privacy