General
-
Target
a0f6fb7fa7c1cfcdbbfc67d307c74083
-
Size
8KB
-
Sample
240224-e9qtjahd83
-
MD5
a0f6fb7fa7c1cfcdbbfc67d307c74083
-
SHA1
58341f91d689f92a4a6918437d753deda79ebf4f
-
SHA256
59f8cd4a8082917464fa030dbf1bc90f99d12f30fc4ba6cd3723db42ca9b12f7
-
SHA512
5971476bc95241d03fe173a9f253eacc1c9efc8af065b71e32b31d221efe82f892c372fa8851dd61b86593bc776255ef9c664a15cf4549f9048eee69a3cc4873
-
SSDEEP
192:h9ohUmsP4t/HFLFm1Fc32LyrBfs+in3RDfFkqQfnB/DoAn4JKv1eg3:gFsgtvFEiG+lfs+U3RDfFkqYhDoAn4J6
Malware Config
Targets
-
-
Target
a0f6fb7fa7c1cfcdbbfc67d307c74083
-
Size
8KB
-
MD5
a0f6fb7fa7c1cfcdbbfc67d307c74083
-
SHA1
58341f91d689f92a4a6918437d753deda79ebf4f
-
SHA256
59f8cd4a8082917464fa030dbf1bc90f99d12f30fc4ba6cd3723db42ca9b12f7
-
SHA512
5971476bc95241d03fe173a9f253eacc1c9efc8af065b71e32b31d221efe82f892c372fa8851dd61b86593bc776255ef9c664a15cf4549f9048eee69a3cc4873
-
SSDEEP
192:h9ohUmsP4t/HFLFm1Fc32LyrBfs+in3RDfFkqQfnB/DoAn4JKv1eg3:gFsgtvFEiG+lfs+U3RDfFkqYhDoAn4J6
Score10/10-
Vjw0rm
Vjw0rm is a remote access trojan written in JavaScript.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Drops startup file
-
Adds Run key to start application
-