Overview

overview

10

Static

static

1

9b647c40e9...5d7.js

windows7-x64

10

9b647c40e9...5d7.js

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    edd277e7a04ec062c49bafdb7d8b07af.bin

  • Size

    2KB

  • Sample

    240218-fbyl6adh8v

  • MD5

    a26c3d17878b771ca08203e667f379d5

  • SHA1

    c9454a3e95b8123c2b0adeabc1507a3c1e44c5cf

  • SHA256

    bb0b2c9c770c7a7e7b5be77e653fd23b2248b7d7635206bec5dba2eb22d5db8f

  • SHA512

    52acb49625e9963c4b54ef17581a1aab661f6a5bafe8a58cbfafa3f81274f15d552961189e053fe78e024971b3b2d0f320c8931f5a2ba017a0b4452c11894ebf

Score
10/10
vjw0rmpersistencetrojanworm

Malware Config

Targets

    • Target

      9b647c40e98c2de028ce703d6b5558b6a9a9d75a59c7cdd81d78e71aea0c25d7.js

    • Size

      6KB

    • MD5

      edd277e7a04ec062c49bafdb7d8b07af

    • SHA1

      1ff9c18bacf61a830f4f7001c5e19f8868ceb6b8

    • SHA256

      9b647c40e98c2de028ce703d6b5558b6a9a9d75a59c7cdd81d78e71aea0c25d7

    • SHA512

      fe118202237beae08ed786fa6905c418e18c9b27a40083911ebe77bd23c7584124eb5ff4422a0b9f9d49f7dbc7a618b2a30cefc938cdbcb36cc30d6b711778af

    • SSDEEP

      96:FnYZH1uypXd3HofJBslCFGJc9lBdqlr+bXcCnTBw5BdeCldb+rNeUo0:BYZVhDrLlriXcCnTBw5BdnldCrNHo0

    Score
    10/10
    vjw0rmpersistencetrojanworm

    • Vjw0rm

      Vjw0rm is a remote access trojan written in JavaScript.

      trojanwormvjw0rm

    • Blocklisted process makes network request

    • Drops startup file

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks