General

  • Target

    18294edc05062af67b1f0cd7dbf9fd71a424ce41c0b18376bec78fcec3e3df1d

  • Size

    27KB

  • Sample

    220208-bgaeasbdhr

  • MD5

    c54d9e6b7961319f2ac6ab6c82ab062e

  • SHA1

    e9ed3aa529988f0408bb84964c12466b9f1f5ee9

  • SHA256

    18294edc05062af67b1f0cd7dbf9fd71a424ce41c0b18376bec78fcec3e3df1d

  • SHA512

    22d9343ebe4a15815cfe37cf323b1b313210cd2612f58556784e5c93b02d40ca7c7b5e1cb780cf801c346893df917fd93b31f0de7c5daf4ade4586ea157d82b2

Score
10/10

Targets

    • Target

      PO-098765MK.js

    • Size

      25KB

    • MD5

      139e0e10e1e1a4d2ba7f582c7f090386

    • SHA1

      2fd97c48b50d5b1954deda2ec5dcf0e2982226d2

    • SHA256

      34118f870c72acd9879333419b07dc6c07269a9905c3654cfa713ad028bf2665

    • SHA512

      34d9623b7019b450c5bac34b7f2543f333f16a0676dd1024678a0b40aedcb58d702caf3a04429987f10665b7ef6f0d13066a6c1e98fb89f9296ee1b0f30fdf33

    Score
    10/10
    • Vjw0rm

      Vjw0rm is a remote access trojan written in JavaScript.

    • Blocklisted process makes network request

    • Drops startup file
