vjw0rm | 959c3c857866b02879204acd58e128eb352a3e7004362cfdc1a5703518bf9a4d | Triage

Resubmissions

26-02-2024 10:46

240226-mt7fcabh5y 10

26-02-2024 10:40

240226-mqrkqabd96 10

Sharing

General

Target

a626d7243811dc4d8ccca242d6795316
Size

627KB
Sample

240226-mqrkqabd96
MD5

a626d7243811dc4d8ccca242d6795316
SHA1

513cc770efdea98330eaf69e87dc9b0b54fb6faa
SHA256

959c3c857866b02879204acd58e128eb352a3e7004362cfdc1a5703518bf9a4d
SHA512

6ed975a6f358cd5c9fbc211c468accccbc98fc46a01e40c5f376857b572d9e3bf317f7450d870f6e80d6c3f2c9435d755e4b71341b50493b1b5b889fc4ffa5a0
SSDEEP

12288:DzfOwy3k0VQxylA2fOkE4Xrp68OcIDApGxGSA59Z/6Q9CbMsRdHladw/7p:Dzvy3k0Gou2ZE4XMr0GE8VHYdwjp

Score

10^/10

vjw0rm discovery persistence trojan worm

Malware Config

Targets

- Target
  
  a626d7243811dc4d8ccca242d6795316
- Size
  
  627KB
- MD5
  
  a626d7243811dc4d8ccca242d6795316
- SHA1
  
  513cc770efdea98330eaf69e87dc9b0b54fb6faa
- SHA256
  
  959c3c857866b02879204acd58e128eb352a3e7004362cfdc1a5703518bf9a4d
- SHA512
  
  6ed975a6f358cd5c9fbc211c468accccbc98fc46a01e40c5f376857b572d9e3bf317f7450d870f6e80d6c3f2c9435d755e4b71341b50493b1b5b889fc4ffa5a0
- SSDEEP
  
  12288:DzfOwy3k0VQxylA2fOkE4Xrp68OcIDApGxGSA59Z/6Q9CbMsRdHladw/7p:Dzvy3k0Gou2ZE4XMr0GE8VHYdwjp
Score

10^/10

vjw0rm persistence trojan worm discovery
- Vjw0rm
  Vjw0rm is a remote access trojan written in JavaScript.
  trojan worm vjw0rm
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Drops startup file
- Modifies file permissions
  discovery
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

File and Directory Permissions Modification

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

vjw0rmpersistencetrojanworm

behavioral2

vjw0rmdiscoverypersistencetrojanworm