Overview

overview

10

Static

static

1

b63a2f41ef...6d.jar

windows7-x64

10

b63a2f41ef...6d.jar

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    b63a2f41efeaf76634460ebf1b32226d

  • Size

    125KB

  • Sample

    240306-cdme5afg9y

  • MD5

    b63a2f41efeaf76634460ebf1b32226d

  • SHA1

    a45e1e55cc9aef31f2d9a60a11693e2d5d172fbe

  • SHA256

    e69e8751b597257f5e4f6a3fe1fdfa0ef273d8c6c6a7b1e620e392aee0cc64e4

  • SHA512

    4b5ad11c67e8ca623c4e38b6fef15ce262ad5f2b4319aac2b4df57504c067b5b8240e9490ef686d0c2c40e2b9185b6ef1551e84bba2c6b58766e752860931faa

  • SSDEEP

    3072:rGMG3YXiOSXwVB8iJjzVhZnX3R+lIL+TqQN7JmhPxd8w:rGIio8M7xXIlLTqa7ohPv8w

Score
10/10
vjw0rmdiscoverypersistencetrojanworm

Malware Config

Targets

    • Target

      b63a2f41efeaf76634460ebf1b32226d

    • Size

      125KB

    • MD5

      b63a2f41efeaf76634460ebf1b32226d

    • SHA1

      a45e1e55cc9aef31f2d9a60a11693e2d5d172fbe

    • SHA256

      e69e8751b597257f5e4f6a3fe1fdfa0ef273d8c6c6a7b1e620e392aee0cc64e4

    • SHA512

      4b5ad11c67e8ca623c4e38b6fef15ce262ad5f2b4319aac2b4df57504c067b5b8240e9490ef686d0c2c40e2b9185b6ef1551e84bba2c6b58766e752860931faa

    • SSDEEP

      3072:rGMG3YXiOSXwVB8iJjzVhZnX3R+lIL+TqQN7JmhPxd8w:rGIio8M7xXIlLTqa7ohPv8w

    Score
    10/10
    vjw0rmpersistencetrojanwormdiscovery

    • Vjw0rm

      Vjw0rm is a remote access trojan written in JavaScript.

      trojanwormvjw0rm

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Drops startup file

    • Modifies file permissions

      discovery

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks