Overview

overview

10

Static

static

1

4b26302705...ced.js

windows7-x64

10

4b26302705...ced.js

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    4b263027057b16a083bb8e409b8dbced

  • Size

    199KB

  • Sample

    231222-b7djmsdhgn

  • MD5

    4b263027057b16a083bb8e409b8dbced

  • SHA1

    f4c761417c146343db7d305f60a3b370669fe8e5

  • SHA256

    f251156124b27bd9de66f6cf4d17b234cae540a4737dfe95fb71602dfd738174

  • SHA512

    38b3be25c0dc3a9aafa995a565bc9588741e3178ebe64bb95a07e2e3000f9900ebde4f5a5543a2d8688e29907fb392705a12fd6f6dc264b94fdaa3f4a128ba5f

  • SSDEEP

    3072:Oaqiowk1T2FI5gt6SIIjX9IGLfm1Hri4+fJ5L/QBdc7EBHWB:ORi2Slg0jHCi4arL/Udc7EpWB

Score
10/10
vjw0rmdiscoverypersistencetrojanworm

Malware Config

Targets

    • Target

      4b263027057b16a083bb8e409b8dbced

    • Size

      199KB

    • MD5

      4b263027057b16a083bb8e409b8dbced

    • SHA1

      f4c761417c146343db7d305f60a3b370669fe8e5

    • SHA256

      f251156124b27bd9de66f6cf4d17b234cae540a4737dfe95fb71602dfd738174

    • SHA512

      38b3be25c0dc3a9aafa995a565bc9588741e3178ebe64bb95a07e2e3000f9900ebde4f5a5543a2d8688e29907fb392705a12fd6f6dc264b94fdaa3f4a128ba5f

    • SSDEEP

      3072:Oaqiowk1T2FI5gt6SIIjX9IGLfm1Hri4+fJ5L/QBdc7EBHWB:ORi2Slg0jHCi4arL/Udc7EpWB

    Score
    10/10
    vjw0rmpersistencetrojanwormdiscovery

    • Vjw0rm

      Vjw0rm is a remote access trojan written in JavaScript.

      trojanwormvjw0rm

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Drops startup file

    • Modifies file permissions

      discovery

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks