Overview

overview

10

Static

static

1

553975254b...569.js

windows7-x64

10

553975254b...569.js

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    553975254beafdaab9f69011980b9569

  • Size

    231KB

  • Sample

    231222-c78v8aahf7

  • MD5

    553975254beafdaab9f69011980b9569

  • SHA1

    b549e749a1991bf12145a20c1f968c07a1645822

  • SHA256

    d5fd83a507b0f9384bc408819389cd9e23c89b55a0edb6857673fba8113e2159

  • SHA512

    ffebe27b3a746439698958852c8e1714813c54744fecad790877583347d54413b3adc60347dbb084a6ea52c9d3902333e688cc0b8e556eb8c545d08543f48112

  • SSDEEP

    3072:4htCq5YabaADWqyDjzccgMaH2kyBq050bCHi0WDv5DpkVibFM3p+iF8NzK9L57qB:Y9SLBgUNlJZWFGVvpBAzK9L57GeWB

Score
10/10
vjw0rmdiscoverypersistencetrojanworm

Malware Config

Targets

    • Target

      553975254beafdaab9f69011980b9569

    • Size

      231KB

    • MD5

      553975254beafdaab9f69011980b9569

    • SHA1

      b549e749a1991bf12145a20c1f968c07a1645822

    • SHA256

      d5fd83a507b0f9384bc408819389cd9e23c89b55a0edb6857673fba8113e2159

    • SHA512

      ffebe27b3a746439698958852c8e1714813c54744fecad790877583347d54413b3adc60347dbb084a6ea52c9d3902333e688cc0b8e556eb8c545d08543f48112

    • SSDEEP

      3072:4htCq5YabaADWqyDjzccgMaH2kyBq050bCHi0WDv5DpkVibFM3p+iF8NzK9L57qB:Y9SLBgUNlJZWFGVvpBAzK9L57GeWB

    Score
    10/10
    vjw0rmpersistencetrojanwormdiscovery

    • Vjw0rm

      Vjw0rm is a remote access trojan written in JavaScript.

      trojanwormvjw0rm

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Drops startup file

    • Modifies file permissions

      discovery

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks