General

  • Target

    29e6358dcc6c6518ff978ed2e06a097f

  • Size

    231KB

  • Sample

    231221-3q37hseag9

  • MD5

    29e6358dcc6c6518ff978ed2e06a097f

  • SHA1

    963d7a5020461bf138b723518c4b606599ad18b4

  • SHA256

    1e4b0b6254e8f64254e54a9b587c58b1b315d3778f2f359c1e2fa8a5eedf2832

  • SHA512

    25310412f2e6b727cc990a17a6c6435a5c2380245beeae7fdfe45748bb7858d48910da032bf277322b7639bfb49c247f066aa3030758b344eb4403f88a9e4c62

  • SSDEEP

    6144:IF6rpMoVfIVW0q6+wQdb+MMeRcvLEGAaw731WB:IF0Tw7QdtMeRcvLEGAaA3g

Targets

    • Vjw0rm

      Vjw0rm is a remote access trojan written in JavaScript.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Drops startup file

    • Modifies file permissions

    • Adds Run key to start application
