Overview

overview

10

Static

static

1

b8722654a1...392.js

windows7-x64

10

b8722654a1...392.js

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    b8722654a1ef8fcfebf490bce2492392

  • Size

    207KB

  • Sample

    231222-rf3bpafeej

  • MD5

    b8722654a1ef8fcfebf490bce2492392

  • SHA1

    7669dfc5f9bf91b3231fe30cb052adeb60e5f749

  • SHA256

    87d6eb8714fe79b95f2f74649cd2fef28e9d57e4c4e990d7ac0f0f6281b978f8

  • SHA512

    2ceff57cdf708ebe9c4b3735589045730178bf9914bcebef478c5ec8fa14fcd879c71c5543c7b90faff71f70ed477f1376e070785e2d3bbe52f11397aaec1846

  • SSDEEP

    3072:n3zn7Ok2Cw2jnNqAQ6rJBBjQ/+E8L+dE/6QXqU3OTBc0JF7mn+CtY6K1LmvjIPdB:z7Fng6FBBcpgC2FZ3AD7mn+v6ALkEdqO

Score
10/10
vjw0rmdiscoverypersistencetrojanworm

Malware Config

Targets

    • Target

      b8722654a1ef8fcfebf490bce2492392

    • Size

      207KB

    • MD5

      b8722654a1ef8fcfebf490bce2492392

    • SHA1

      7669dfc5f9bf91b3231fe30cb052adeb60e5f749

    • SHA256

      87d6eb8714fe79b95f2f74649cd2fef28e9d57e4c4e990d7ac0f0f6281b978f8

    • SHA512

      2ceff57cdf708ebe9c4b3735589045730178bf9914bcebef478c5ec8fa14fcd879c71c5543c7b90faff71f70ed477f1376e070785e2d3bbe52f11397aaec1846

    • SSDEEP

      3072:n3zn7Ok2Cw2jnNqAQ6rJBBjQ/+E8L+dE/6QXqU3OTBc0JF7mn+CtY6K1LmvjIPdB:z7Fng6FBBcpgC2FZ3AD7mn+v6ALkEdqO

    Score
    10/10
    vjw0rmpersistencetrojanwormdiscovery

    • Vjw0rm

      Vjw0rm is a remote access trojan written in JavaScript.

      trojanwormvjw0rm

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Drops startup file

    • Modifies file permissions

      discovery

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks