vjw0rm | ed505690251f92f79fb3341968a3283e69bcd4ffe08539593b1601fac515c36b | Triage

Sharing

General

Target

VQlpXNzQJz.js
Size

346KB
Sample

230605-wvcf2aaa83
MD5

3ed07b2cfc14457c448129ac338d1a9b
SHA1

e07cd37475c0a9e2c53d4f7df317c8b4be70855e
SHA256

ed505690251f92f79fb3341968a3283e69bcd4ffe08539593b1601fac515c36b
SHA512

db34f63ad7cd4580c200040f1ced68ef7477cf61e44304932a2989cda520a56e90bf51d27bcd8474f14600a92f25664befa9a64caf26c009d5ecb6a610b78fa5
SSDEEP

6144:eQfPBx5q0sQ1o7rsbHC01mDBpNW2mTMSbpuV8l/:eQ3B7qgpr

Score

10^/10

vjw0rm trojan worm

Malware Config

Targets

- Target
  
  VQlpXNzQJz.js
- Size
  
  346KB
- MD5
  
  3ed07b2cfc14457c448129ac338d1a9b
- SHA1
  
  e07cd37475c0a9e2c53d4f7df317c8b4be70855e
- SHA256
  
  ed505690251f92f79fb3341968a3283e69bcd4ffe08539593b1601fac515c36b
- SHA512
  
  db34f63ad7cd4580c200040f1ced68ef7477cf61e44304932a2989cda520a56e90bf51d27bcd8474f14600a92f25664befa9a64caf26c009d5ecb6a610b78fa5
- SSDEEP
  
  6144:eQfPBx5q0sQ1o7rsbHC01mDBpNW2mTMSbpuV8l/:eQ3B7qgpr
Score

10^/10

vjw0rm trojan worm
- Vjw0rm
  Vjw0rm is a remote access trojan written in JavaScript.
  trojan worm vjw0rm
- Blocklisted process makes network request
- Drops startup file
behavioral1 behavioral2 behavioral3

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

vjw0rmtrojanworm

behavioral2

vjw0rmtrojanworm

behavioral3

vjw0rmtrojanworm