vjw0rm | 4dcd9f66d9282e34de85b10101af0de546cfcfae341ebd5fd99505f9cbfe16d6 | Triage

Submit
Reports

Overview

overview

Static

static

js-beautified-1.js

windows7_x64

js-beautified-1.js

windows10-2004_x64

Sharing

General

Target

js-beautified-1.js
Size

31KB
Sample

220707-pzkvmsada6
MD5

74c140b0a8c5361225c5bb63ee8bba61
SHA1

e161bf368ac344a51ec2c17256ad5bd51e752aac
SHA256

4dcd9f66d9282e34de85b10101af0de546cfcfae341ebd5fd99505f9cbfe16d6
SHA512

d2464c1cf6f783d7e7b8c39af19d3759d26a02c2bd298200f5da935fce8ade5feeaf3a07a587159ca223f10b300133ffd314d22aaa625d10c4020e46e7cbd86b

Score

10^/10

vjw0rm trojan worm

Static task

static1

Behavioral task

behavioral1

Sample

js-beautified-1.js

Resource

win7-20220414-en

vjw0rm trojan worm

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

js-beautified-1.js

Resource

win10v2004-20220414-en

vjw0rm trojan worm

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  js-beautified-1.js
- Size
  
  31KB
- MD5
  
  74c140b0a8c5361225c5bb63ee8bba61
- SHA1
  
  e161bf368ac344a51ec2c17256ad5bd51e752aac
- SHA256
  
  4dcd9f66d9282e34de85b10101af0de546cfcfae341ebd5fd99505f9cbfe16d6
- SHA512
  
  d2464c1cf6f783d7e7b8c39af19d3759d26a02c2bd298200f5da935fce8ade5feeaf3a07a587159ca223f10b300133ffd314d22aaa625d10c4020e46e7cbd86b
Score

10^/10

vjw0rm trojan worm
- Vjw0rm
  Vjw0rm is a remote access trojan written in JavaScript.
  trojan worm vjw0rm
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Drops startup file
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

vjw0rmtrojanworm

behavioral2

vjw0rmtrojanworm

© 2018-2024

Terms | Privacy