vjw0rm | 2c8240a9a4d78a127b0fa7d019793a56b44aaef4be64525fbb1d76b534b0e7e0 | Triage

Submit
Reports

Overview

overview

Static

static

1

c8a00e03b9...0f4.js

windows7-x64

c8a00e03b9...0f4.js

windows10-2004-x64

Sharing

General

Target

c8a00e03b928e8d47433f73999d280f4
Size

38KB
Sample

240314-pq79ksec92
MD5

c8a00e03b928e8d47433f73999d280f4
SHA1

3850009b8ad2c4957273f8c41555403c5aa502f5
SHA256

2c8240a9a4d78a127b0fa7d019793a56b44aaef4be64525fbb1d76b534b0e7e0
SHA512

5515a37e611d3a1666779ac85acce98323e9f7907722e58a9cca131d85e6a9afc18291f2505fe618e1e745cec004575ae8a8fe3e086fa2b97a40485fd9ee557a
SSDEEP

96:XE7DClCtcROHcRb+UfL7MHU+d3e74XkDCqs00AKp07llhIx07l49Unf66NGMefYU:pQ0FixS9kgT9y

Score

10^/10

vjw0rm trojan worm

Static task

static1

Behavioral task

behavioral1

Sample

c8a00e03b928e8d47433f73999d280f4.js

Resource

win7-20240215-en

vjw0rm trojan worm

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

c8a00e03b928e8d47433f73999d280f4.js

Resource

win10v2004-20240226-en

vjw0rm trojan worm

windows10-2004-x64

8 signatures

150 seconds

Malware Config

Targets

- Target
  
  c8a00e03b928e8d47433f73999d280f4
- Size
  
  38KB
- MD5
  
  c8a00e03b928e8d47433f73999d280f4
- SHA1
  
  3850009b8ad2c4957273f8c41555403c5aa502f5
- SHA256
  
  2c8240a9a4d78a127b0fa7d019793a56b44aaef4be64525fbb1d76b534b0e7e0
- SHA512
  
  5515a37e611d3a1666779ac85acce98323e9f7907722e58a9cca131d85e6a9afc18291f2505fe618e1e745cec004575ae8a8fe3e086fa2b97a40485fd9ee557a
- SSDEEP
  
  96:XE7DClCtcROHcRb+UfL7MHU+d3e74XkDCqs00AKp07llhIx07l49Unf66NGMefYU:pQ0FixS9kgT9y
Score

10^/10

vjw0rm trojan worm
- Vjw0rm
  Vjw0rm is a remote access trojan written in JavaScript.
  trojan worm vjw0rm
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Drops startup file
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Scheduled Task/Job

Privilege Escalation

Scheduled Task/Job

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

vjw0rmtrojanworm

behavioral2

vjw0rmtrojanworm

© 2018-2024

Terms | Privacy