Overview

overview

10

Static

static

1

80d07fb695...88.jar

windows7-x64

10

80d07fb695...88.jar

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    80d07fb695cf98f441859d78c9a69c88

  • Size

    148KB

  • Sample

    240129-zf5e2sach5

  • MD5

    80d07fb695cf98f441859d78c9a69c88

  • SHA1

    6504e408f13b2f70ee3d0d891cf0fa532329a032

  • SHA256

    3f011a10f57445e62d0cf9c5add509215b39e09a742cae2d4707a07a48a71298

  • SHA512

    a2df2067c998a194b5c518a8a15486b8f45c4a9b98291a82280de98eafa79527a28472fe419f1ae6eec5ec90076ea3d7e6b42de87c9ee1390c10398314c0a59b

  • SSDEEP

    3072:k1fgGK11400Jn4GkPwAdarAH1sfjy0p02cdqBYJOr595/u/QMchyLsVeF873h9+G:rGK7400JpAdayOfjpTckBOY98/wcstRp

Score
10/10
vjw0rmdiscoverypersistencetrojanworm

Malware Config

Targets

    • Target

      80d07fb695cf98f441859d78c9a69c88

    • Size

      148KB

    • MD5

      80d07fb695cf98f441859d78c9a69c88

    • SHA1

      6504e408f13b2f70ee3d0d891cf0fa532329a032

    • SHA256

      3f011a10f57445e62d0cf9c5add509215b39e09a742cae2d4707a07a48a71298

    • SHA512

      a2df2067c998a194b5c518a8a15486b8f45c4a9b98291a82280de98eafa79527a28472fe419f1ae6eec5ec90076ea3d7e6b42de87c9ee1390c10398314c0a59b

    • SSDEEP

      3072:k1fgGK11400Jn4GkPwAdarAH1sfjy0p02cdqBYJOr595/u/QMchyLsVeF873h9+G:rGK7400JpAdayOfjpTckBOY98/wcstRp

    Score
    10/10
    vjw0rmpersistencetrojanwormdiscovery

    • Vjw0rm

      Vjw0rm is a remote access trojan written in JavaScript.

      trojanwormvjw0rm

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Drops startup file

    • Modifies file permissions

      discovery

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks