Overview

overview

10

Static

static

1

4cba408df8...41.jar

windows7-x64

10

4cba408df8...41.jar

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    4cba408df86e977b569cbbbb620f6541

  • Size

    129KB

  • Sample

    240108-3esawafbgj

  • MD5

    4cba408df86e977b569cbbbb620f6541

  • SHA1

    062a68ec018d9ee80666386cf505dd65bd316f24

  • SHA256

    f8feadc1125cf67e04a78dddf70c6eef258178b9c38d23ab9be976c9f2c71c72

  • SHA512

    4478e08c27d1dcda2d7a4da70bc94d5a329815e9bb820e9319d348b46fdd04abb0ae95304d699af58c0ef48c99506214addedfe59362a2774ef68f9b26c89e40

  • SSDEEP

    3072:2d+2eE4r5mV/KoUzvUWyWa2U73yERqTjdDzFXEpcTxiA:2UBmYo2MzB2U7ippzFUpcTQA

Score
10/10
vjw0rmdiscoverypersistencetrojanworm

Malware Config

Targets

    • Target

      4cba408df86e977b569cbbbb620f6541

    • Size

      129KB

    • MD5

      4cba408df86e977b569cbbbb620f6541

    • SHA1

      062a68ec018d9ee80666386cf505dd65bd316f24

    • SHA256

      f8feadc1125cf67e04a78dddf70c6eef258178b9c38d23ab9be976c9f2c71c72

    • SHA512

      4478e08c27d1dcda2d7a4da70bc94d5a329815e9bb820e9319d348b46fdd04abb0ae95304d699af58c0ef48c99506214addedfe59362a2774ef68f9b26c89e40

    • SSDEEP

      3072:2d+2eE4r5mV/KoUzvUWyWa2U73yERqTjdDzFXEpcTxiA:2UBmYo2MzB2U7ippzFUpcTQA

    Score
    10/10
    vjw0rmpersistencetrojanwormdiscovery

    • Vjw0rm

      Vjw0rm is a remote access trojan written in JavaScript.

      trojanwormvjw0rm

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Drops startup file

    • Modifies file permissions

      discovery

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks