Overview

overview

10

Static

static

1

e1fe4fbc35...d24.js

windows7-x64

10

e1fe4fbc35...d24.js

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    e1fe4fbc351e87183a531bc2263a4d24

  • Size

    16KB

  • Sample

    231228-qz4s7adef6

  • MD5

    e1fe4fbc351e87183a531bc2263a4d24

  • SHA1

    cca28f37cd27838f83848bd719c5881da1063af7

  • SHA256

    dca9742380d4dfe4f501f1f24e3b856113be1be99a1548e27117cc67bd997fb9

  • SHA512

    5ec3eb28207223cca9c18f667a4ed90b077f21ba1e07c7adf54c69549e178a3131c28dce5ff6a54cdf25952fccfe5466cb9fb87bab4e97dd6246441d7a70dc6e

  • SSDEEP

    384:xZTsZHapjsJXe2pTn1ZmF1qJtOSK6qEt5nYmrk56YjlBeqj3ieKzYF:ENapY9nDmF18tOp6J/EljVj3lRF

Score
10/10
vjw0rmpersistencetrojanworm

Malware Config

Targets

    • Target

      e1fe4fbc351e87183a531bc2263a4d24

    • Size

      16KB

    • MD5

      e1fe4fbc351e87183a531bc2263a4d24

    • SHA1

      cca28f37cd27838f83848bd719c5881da1063af7

    • SHA256

      dca9742380d4dfe4f501f1f24e3b856113be1be99a1548e27117cc67bd997fb9

    • SHA512

      5ec3eb28207223cca9c18f667a4ed90b077f21ba1e07c7adf54c69549e178a3131c28dce5ff6a54cdf25952fccfe5466cb9fb87bab4e97dd6246441d7a70dc6e

    • SSDEEP

      384:xZTsZHapjsJXe2pTn1ZmF1qJtOSK6qEt5nYmrk56YjlBeqj3ieKzYF:ENapY9nDmF18tOp6J/EljVj3lRF

    Score
    10/10
    vjw0rmpersistencetrojanworm

    • Vjw0rm

      Vjw0rm is a remote access trojan written in JavaScript.

      trojanwormvjw0rm

    • Blocklisted process makes network request

    • Drops startup file

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks