General

  • Target: 1a4ada26cbf28c988746c71f8e1120fe

  • Size: 34KB

  • Sample: 231230-qx7gasaffr

  • MD5: 1a4ada26cbf28c988746c71f8e1120fe

  • SHA1: 6f4f29e0f1318c3a5f29598d17aad4d4b5d56245

  • SHA256: ad7abbd37502335bdf4b9d8053e8804b3b4e69085d3756ef4b8353c7eba81422

  • SHA512: 84a23c93399a382f7f8a03d2c25a4860e04e6bbe7641d80ba2011d0135fc6a646fb9c18f94252b96d3e1d7cbd5bc000bea4a2a6b6711e2799e15e51b8de53a9e

  • SSDEEP: 768:IRUodg4NkXEJWWlpwxAbiWkH+qCBhd1FP8WO/m/4tY03l83:Xo6EJWwY+qCp1FP8Wd/6U

Malware Config

Targets

    • Vjw0rm

      Vjw0rm is a remote access trojan written in JavaScript.

    • Blocklisted process makes network request

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Drops startup file

    • Adds Run key to start application

MITRE ATT&CK Enterprise v15

Tasks