mirror of
https://github.com/MISP/misp-galaxy.git
synced 2024-11-29 18:27:19 +00:00
add VJw0rm description
This commit is contained in:
parent
f4abf37b01
commit
5f0d7f6d68
1 changed files with 7 additions and 1 deletions
|
@ -2693,10 +2693,16 @@
|
|||
"value": "Revenge-RAT"
|
||||
},
|
||||
{
|
||||
"description": "“Vengeance Justice Worm” was first discovered in 2016 and is a highly multifunctional, modular, publicly available “commodity malware”, i.e., it can be purchased by those interested through various cybercrime and hacking related forums and channels.\n\nVJwOrm is a JavaScript-based malware and combines characteristics of Worm, Information Stealer, Remote-Access Trojan (RAT), Denial-of-Service (DOS) malware, and spam-bot.\n\nVJw0rm is propagated primarily by malicious email attachments and by infecting removeable storage devices.\n\nOnce executed by the victim, the very heavily obfuscated VJw0rm will enumerate installed drives and, if a removeable drive is found, VJwOrm will infect it if configured to do so.\n\nIt will continue to gather victim information such as operating system details, user’s details, installed anti-virus product details, stored browser cookies, the presence of vbc.exe on the system (Microsoft’s .NET Visual Basic Compiler, this indicates that .NET is installed on the system and can affect the actor’s choice of additional malware delivery), and whether the system has been previously infected.\n\nVJw0rm will then report this information back to its command-and-control server and await further commands, such as downloading and executing additional malware or employing any of its other numerous capabilities.\n\nFinally, VJw0rm establishes persistency in the form of registry auto-runs, system startup folders, a scheduled-task, or any combination of these methods.",
|
||||
"meta": {
|
||||
"date": "2016",
|
||||
"refs": [
|
||||
"https://twitter.com/malwrhunterteam/status/816993165119016960?lang=en"
|
||||
],
|
||||
"synonym": [
|
||||
"Vengeance Justice Worm",
|
||||
"VJw0rm",
|
||||
"VJwOrm"
|
||||
]
|
||||
},
|
||||
"uuid": "bf86d7a6-80af-4d22-a092-f822bf7201d2",
|
||||
|
@ -3544,5 +3550,5 @@
|
|||
"value": "Ragnatela"
|
||||
}
|
||||
],
|
||||
"version": 41
|
||||
"version": 42
|
||||
}
|
||||
|
|
Loading…
Reference in a new issue