Overview

overview

10

Static

static

1

8e23008d7a...bb.jar

windows7-x64

10

8e23008d7a...bb.jar

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    8e23008d7ada844193b579c1194ed0bb

  • Size

    129KB

  • Sample

    240204-ecjc7abbcr

  • MD5

    8e23008d7ada844193b579c1194ed0bb

  • SHA1

    e41203fbb4e3fc56da36de0f16da8ea013835455

  • SHA256

    23470d051b914ebef24b5963b5cdfc2d88feedd783fd85766d1eb0397314b75e

  • SHA512

    aa65bb14c09782f67870278d97ab783dbe88c97d62cff44d2fbae649cb1b8ff045231df8b51e0b5ff695173a57b155be7b1b377dee5aa1df5c99a0d31f5e9cde

  • SSDEEP

    3072:FMT7X2SUszVuItHjPpPeM3jbFO6C11vZYPULkHImQq+MXa5Sh9UALa:FGMszVuKDPgM3jbFOXfvy1dQqjaOG

Score
10/10
vjw0rmdiscoverypersistencetrojanworm

Malware Config

Targets

    • Target

      8e23008d7ada844193b579c1194ed0bb

    • Size

      129KB

    • MD5

      8e23008d7ada844193b579c1194ed0bb

    • SHA1

      e41203fbb4e3fc56da36de0f16da8ea013835455

    • SHA256

      23470d051b914ebef24b5963b5cdfc2d88feedd783fd85766d1eb0397314b75e

    • SHA512

      aa65bb14c09782f67870278d97ab783dbe88c97d62cff44d2fbae649cb1b8ff045231df8b51e0b5ff695173a57b155be7b1b377dee5aa1df5c99a0d31f5e9cde

    • SSDEEP

      3072:FMT7X2SUszVuItHjPpPeM3jbFO6C11vZYPULkHImQq+MXa5Sh9UALa:FGMszVuKDPgM3jbFOXfvy1dQqjaOG

    Score
    10/10
    vjw0rmpersistencetrojanwormdiscovery

    • Vjw0rm

      Vjw0rm is a remote access trojan written in JavaScript.

      trojanwormvjw0rm

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Drops startup file

    • Modifies file permissions

      discovery

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks