Overview

overview

10

Static

static

3f0320201b...44f.js

windows7-x64

10

3f0320201b...44f.js

windows10-2004-x64

10

Analysis

  • max time kernel
    148s
  • max time network
    33s
  • platform
    windows7_x64
  • resource
    win7-20221111-en
  • resource tags

    arch:x64arch:x86image:win7-20221111-enlocale:en-usos:windows7-x64system
  • submitted
    29/01/2023, 17:50

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    3f0320201b0870d0d9027157e9b60897aba8fa245bc3276ac3faa083497a444f.js

  • Size

    8KB

  • MD5

    c595f56942b02cee85675d6a73203392

  • SHA1

    0d3a0cbb1dbc5a379d126c58731d2d8413b96203

  • SHA256

    3f0320201b0870d0d9027157e9b60897aba8fa245bc3276ac3faa083497a444f

  • SHA512

    645b7803fc8cd60ffe2353dd15fd8ccd3dcf3d074736dd4a89f0d4c0a8589d8f4a22ee157cdbac2c38a43cc007653ab6b531c86b205ec380ec1f52e848057fd9

  • SSDEEP

    96:v5XKP2NXtklLoNj/XxKWr6F7ruUbQOQEQuE+GbFadY7l09tNNSZmM1ZFCZ9X/Z6y:hKPsXtkldOIlbJoad8lG

Score
10/10
vjw0rmtrojanworm

Malware Config

Signatures

  • Vjw0rm

    Vjw0rm is a remote access trojan written in JavaScript.

    trojanwormvjw0rm
  • Drops startup file 2 IoCs
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.

Processes

  • C:\Windows\system32\wscript.exe
    wscript.exe C:\Users\Admin\AppData\Local\Temp\3f0320201b0870d0d9027157e9b60897aba8fa245bc3276ac3faa083497a444f.js
    1⤵
    • Drops startup file
    PID:2040

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/2040-54-0x000007FEFBAC1000-0x000007FEFBAC3000-memory.dmp

    Filesize

    8KB

    Download