vjw0rm | e270482c1dfaf5a5080792e81e63724ece6f1bb1798c6a094b0f682b11c5edfd | Triage

Submit
Reports

Overview

overview

Static

static

1

ee2e7fb86a...118.js

windows7-x64

ee2e7fb86a...118.js

windows10-2004-x64

Sharing

General

Target

ee2e7fb86a5c136f7fcf790f8ef616a9_JaffaCakes118
Size

38KB
Sample

240411-ya9bdaec9w
MD5

ee2e7fb86a5c136f7fcf790f8ef616a9
SHA1

3bc8c40d14944f3a353b3b0f200a46b40e8edb61
SHA256

e270482c1dfaf5a5080792e81e63724ece6f1bb1798c6a094b0f682b11c5edfd
SHA512

15ac382f903665d210ff29df222551f5e9af95a792a483d41e06a4668763299805279e896a434571001b4c2e8d71c4e8a30e89e01e77d4812a5231ce0305d6f0
SSDEEP

96:Xngc4sFAHAk3tcROHcRb+UfL7MHU+d3e74XkDdqs00AKp07llhIx07l49Unf66NH:XgR8AHAI0FFxK9kgT95

Score

10^/10

vjw0rm trojan worm

Static task

static1

Behavioral task

behavioral1

Sample

ee2e7fb86a5c136f7fcf790f8ef616a9_JaffaCakes118.js

Resource

win7-20240221-en

vjw0rm trojan worm

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

ee2e7fb86a5c136f7fcf790f8ef616a9_JaffaCakes118.js

Resource

win10v2004-20231215-en

vjw0rm trojan worm

windows10-2004-x64

8 signatures

150 seconds

Malware Config

Targets

- Target
  
  ee2e7fb86a5c136f7fcf790f8ef616a9_JaffaCakes118
- Size
  
  38KB
- MD5
  
  ee2e7fb86a5c136f7fcf790f8ef616a9
- SHA1
  
  3bc8c40d14944f3a353b3b0f200a46b40e8edb61
- SHA256
  
  e270482c1dfaf5a5080792e81e63724ece6f1bb1798c6a094b0f682b11c5edfd
- SHA512
  
  15ac382f903665d210ff29df222551f5e9af95a792a483d41e06a4668763299805279e896a434571001b4c2e8d71c4e8a30e89e01e77d4812a5231ce0305d6f0
- SSDEEP
  
  96:Xngc4sFAHAk3tcROHcRb+UfL7MHU+d3e74XkDdqs00AKp07llhIx07l49Unf66NH:XgR8AHAI0FFxK9kgT95
Score

10^/10

vjw0rm trojan worm
- Vjw0rm
  Vjw0rm is a remote access trojan written in JavaScript.
  trojan worm vjw0rm
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Drops startup file
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Scheduled Task/Job

Privilege Escalation

Scheduled Task/Job

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

vjw0rmtrojanworm

behavioral2

vjw0rmtrojanworm

© 2018-2025

Terms | Privacy