General

  • Target

    c98083c89ba696fdc10a9528722e8673f70b0b1872b52fbda472a38d4cfbf350_JC.js

  • Size

    3.1MB

  • Sample

    230927-vqqbnaea45

  • MD5

    cf54d832051744f8a17d8883bb0d7579

  • SHA1

    8996b0ea7579eefdc5b143d8e71e00fbabef2749

  • SHA256

    c98083c89ba696fdc10a9528722e8673f70b0b1872b52fbda472a38d4cfbf350

  • SHA512

    9918d08bdbcec5213e30cc732dbd0705bcc3a7db08090ae8366a57c9cbbb87296861c75eafb6f239deba92711d7cbacd482f2a25dea0ef96545fe00ae0cb40b6

  • SSDEEP

    768:aBLsno5sVaEb33OSp4//6AtsaaiIWVibo1WFti/KaqQh:aBLso5sVaEb3+SAtsaaiBwU1WFyKnO

Targets

    • Target

      c98083c89ba696fdc10a9528722e8673f70b0b1872b52fbda472a38d4cfbf350_JC.js

    • Vjw0rm

      Vjw0rm is a remote access trojan written in JavaScript.

    • Blocklisted process makes network request

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Drops startup file

    • Adds Run key to start application
