vjw0rm | b58911f7beb1eacf2399e3fd1aadc1ca9c105844380a458e8fae6cb988ca6e68 | Triage

Sharing

General

Target

8da364e48c1693849411e06c5d4124a2
Size

11KB
Sample

231222-pz7peaafhm
MD5

8da364e48c1693849411e06c5d4124a2
SHA1

a3d64ad7a10fb4a3edd30eb368a47db9c3280bcf
SHA256

b58911f7beb1eacf2399e3fd1aadc1ca9c105844380a458e8fae6cb988ca6e68
SHA512

845616a49ee1bdb6fb16c29c604280a1ec19dc8665560c3eb4a9db8fc3fc02a85d0a6a9cc48cabad0828751eeaf607c984d1e54521b27a4788b9296f7bee8859
SSDEEP

192:gkHav/RRhckkL5uD3lJErwmHIEnZkaRXB4olQpsTxIfPpqc6fS:gth6uD1JeHIYkA5lQpsgPpqc6fS

Score

10^/10

vjw0rm persistence trojan worm

Malware Config

Targets

- Target
  
  8da364e48c1693849411e06c5d4124a2
- Size
  
  11KB
- MD5
  
  8da364e48c1693849411e06c5d4124a2
- SHA1
  
  a3d64ad7a10fb4a3edd30eb368a47db9c3280bcf
- SHA256
  
  b58911f7beb1eacf2399e3fd1aadc1ca9c105844380a458e8fae6cb988ca6e68
- SHA512
  
  845616a49ee1bdb6fb16c29c604280a1ec19dc8665560c3eb4a9db8fc3fc02a85d0a6a9cc48cabad0828751eeaf607c984d1e54521b27a4788b9296f7bee8859
- SSDEEP
  
  192:gkHav/RRhckkL5uD3lJErwmHIEnZkaRXB4olQpsTxIfPpqc6fS:gth6uD1JeHIYkA5lQpsgPpqc6fS
Score

10^/10

vjw0rm persistence trojan worm
- Vjw0rm
  Vjw0rm is a remote access trojan written in JavaScript.
  trojan worm vjw0rm
- Drops startup file
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

vjw0rmpersistencetrojanworm

behavioral2

vjw0rmpersistencetrojanworm