Overview

overview

10

Static

static

1

0f8ef908f4...9a0.js

windows7-x64

10

0f8ef908f4...9a0.js

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    0f8ef908f483815d049a4c34433b89a0

  • Size

    205KB

  • Sample

    231230-frw39sdfe7

  • MD5

    0f8ef908f483815d049a4c34433b89a0

  • SHA1

    2179ad62490090265247159dc8fe485c15df971f

  • SHA256

    31f5c289daf8c7fa2c8652f1686e208f6d25784bc9bed2a166c906031e70d449

  • SHA512

    cce76b71dfb9537b3489ed921ccd9e610f43c1c047df44f0a10252f78b6484df7aa0a49eb193ebb11c9c388dffe89901f10a8bcaebfad57824eb102f5a5c7de1

  • SSDEEP

    3072:6Bxt7tTuqdZUBME61Kyv6uh9Gy2B2ajLMQ3bKCnXu0r4uJ93U5Jcbovg:45tJZKMD1Ktuh8ysJHMQ3brnVn9c2F

Score
10/10
vjw0rmdiscoverypersistencetrojanworm

Malware Config

Targets

    • Target

      0f8ef908f483815d049a4c34433b89a0

    • Size

      205KB

    • MD5

      0f8ef908f483815d049a4c34433b89a0

    • SHA1

      2179ad62490090265247159dc8fe485c15df971f

    • SHA256

      31f5c289daf8c7fa2c8652f1686e208f6d25784bc9bed2a166c906031e70d449

    • SHA512

      cce76b71dfb9537b3489ed921ccd9e610f43c1c047df44f0a10252f78b6484df7aa0a49eb193ebb11c9c388dffe89901f10a8bcaebfad57824eb102f5a5c7de1

    • SSDEEP

      3072:6Bxt7tTuqdZUBME61Kyv6uh9Gy2B2ajLMQ3bKCnXu0r4uJ93U5Jcbovg:45tJZKMD1Ktuh8ysJHMQ3brnVn9c2F

    Score
    10/10
    vjw0rmpersistencetrojanwormdiscovery

    • Vjw0rm

      Vjw0rm is a remote access trojan written in JavaScript.

      trojanwormvjw0rm

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Drops startup file

    • Modifies file permissions

      discovery

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks