General

  • Target

    a35e8029ffe51da82af5008f82c1ecb5_JaffaCakes118

  • Size

    5.7MB

  • Sample

    240613-bw23vssgrj

  • MD5

    a35e8029ffe51da82af5008f82c1ecb5

  • SHA1

    22b0e92ac081f7630755d2ee640f5e84960f3a82

  • SHA256

    b0b14275a84d2abbf520c389d7e1f2125c50d779ff0072cb6e61a734858f0eb2

  • SHA512

    8189f7fdbdb995ce42d913bcc06c7c36b6e7cbb0e6ce3d757146d8cbad83426d2b63be1fa5fa0bd9f7feee316ae2f074216ae780369d1e5bad9df734ec2c48f1

  • SSDEEP

    98304:f2cPK8lCwxBHuB0XGZzwM+SX4ARTe3O3gzraBt9zZAfUG5+l/Y0zhvgbcoVj:+CKFwJQ0XGqMH4ART6OU+TCUGiWj

Malware Config

Targets

    • Vjw0rm

      Vjw0rm is a remote access trojan written in JavaScript.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Drops startup file

    • Executes dropped EXE

MITRE ATT&CK Enterprise v15

Tasks