Overview

overview

10

Static

static

d545270fe4...395.js

windows7-x64

10

d545270fe4...395.js

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    6ed6de4f3937d74a4a890fd63a731913.bin

  • Size

    884KB

  • Sample

    230123-k7hb9sec9s

  • MD5

    b2cc06097ae14ddf150f4d41a13b9ad2

  • SHA1

    d3cb2ed0e4d0945fb159925579fd2fce9995dd45

  • SHA256

    a084e2e6518b0326f38a0dfd087dc9ca17c2ef953e4cb05f1ccc3b35acc8ab01

  • SHA512

    b3305854006f6d026281491e2ca73192a89cda5d6e9dfe1ebcddd03bda86c7774d1785bfdb82cfa5b4bc106f4e24101f2f3a1affbf8ab9bb4949a0c8ce6a5cee

  • SSDEEP

    24576:hj10wufu3X48uSTZGysgakirG0Ye0WFF+d+epf8:kw0u4rUJHuG0YeD+gO8

Score
10/10
vjw0rmcollectionspywarestealertrojanworm

Malware Config

Targets

    • Target

      d545270fe4ea4823d14c419ec38d3c1f861c6a24c096b3b0953960428c4ef395.js

    • Size

      1.4MB

    • MD5

      6ed6de4f3937d74a4a890fd63a731913

    • SHA1

      e6e6c10575efbc35a55d47bd4769223da7a8d9cc

    • SHA256

      d545270fe4ea4823d14c419ec38d3c1f861c6a24c096b3b0953960428c4ef395

    • SHA512

      717911ec6dd302ad70a13da42bc877cc02b268bf515c09dfea302799665e6102a1585575232b4191ac586904b418f360aab46d5da7df7f63a97f661678579c82

    • SSDEEP

      24576:7BqyjfTTfng/+3tHhRkeBQxoS+Vy9ePXG:7BRTTYQBRksQxoS+8f

    Score
    10/10
    vjw0rmcollectionspywarestealertrojanworm

    • Vjw0rm

      Vjw0rm is a remote access trojan written in JavaScript.

      trojanwormvjw0rm

    • Blocklisted process makes network request

    • Executes dropped EXE

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Drops startup file

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Accesses Microsoft Outlook profiles

      collection

    • Legitimate hosting services abused for malware hosting/C2

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks