SYMBOLCOMMON_NAMEaka. SYNONYMS
win.vjw0rm (Back to overview)

Vjw0rm


VJW0rm (aka Vengeance Justice Worm) is a publicly available, modular JavaScript RAT. Vjw0rm was first released in November 2016 by its primary author, v_B01 (aka Sliemerez), within the prominent DevPoint Arabic-language malware development community. VJW0rm appears to be the JavaScript variant of a series of RATs with identical functionality released by the author throughout late 2016. Other variants include a Visual Basic Script (VBS) based worm titled vw0rm (Vengeance Worm), an AutoHotkey-based tool called vrw0rm (Vengeance Rise Worm), and a PowerShell-based variant called vdw0rm (Vengeance Depth Worm).

References
2022-05-11HPHP Wolf Security
@techreport{security:20220511:threat:bd460f0, author = {HP Wolf Security}, title = {{Threat Insights Report Q1 - 2022}}, date = {2022-05-11}, institution = {HP}, url = {https://threatresearch.ext.hp.com/wp-content/uploads/2022/05/HP-Wolf-Security-Threat-Insights-Report-Q1-2022.pdf}, language = {English}, urldate = {2022-05-13} } Threat Insights Report Q1 - 2022
AsyncRAT Emotet Mekotio Vjw0rm
2021-12-13RiskIQJordan Herman
@online{herman:20211213:riskiq:82a7631, author = {Jordan Herman}, title = {{RiskIQ: Connections between Nanocore, Netwire, and AsyncRAT and Vjw0rm dynamic DNS C2 infrastructure}}, date = {2021-12-13}, organization = {RiskIQ}, url = {https://community.riskiq.com/article/24759ad2}, language = {English}, urldate = {2022-01-18} } RiskIQ: Connections between Nanocore, Netwire, and AsyncRAT and Vjw0rm dynamic DNS C2 infrastructure
AsyncRAT Nanocore RAT NetWire RC Vjw0rm
2021-11-18Twitter (@tccontre18)Br3akp0int
@online{br3akp0int:20211118:how:02114e2, author = {Br3akp0int}, title = {{Tweet on how to decrypt 4 layers of encryption & obfuscation of vjw0rm}}, date = {2021-11-18}, organization = {Twitter (@tccontre18)}, url = {https://twitter.com/tccontre18/status/1461386178528264204}, language = {English}, urldate = {2021-11-19} } Tweet on how to decrypt 4 layers of encryption & obfuscation of vjw0rm
Vjw0rm
2021-11-04Deep instinctShaul Vilkomir-Preisman
@online{vilkomirpreisman:20211104:understanding:c22abf4, author = {Shaul Vilkomir-Preisman}, title = {{Understanding the Windows JavaScript Threat Landscape}}, date = {2021-11-04}, organization = {Deep instinct}, url = {https://www.deepinstinct.com/blog/understanding-the-windows-javascript-threat-landscape}, language = {English}, urldate = {2021-11-19} } Understanding the Windows JavaScript Threat Landscape
STRRAT Griffon BlackByte Houdini Vjw0rm
2021-10HPHP Wolf Security
@techreport{security:202110:threat:49f8fc2, author = {HP Wolf Security}, title = {{Threat Insights Report Q3 - 2021}}, date = {2021-10}, institution = {HP}, url = {https://threatresearch.ext.hp.com/wp-content/uploads/2021/10/HP-Wolf-Security-Threat-Insights-Report-Q3-2021.pdf}, language = {English}, urldate = {2021-10-25} } Threat Insights Report Q3 - 2021
STRRAT CloudEyE NetWire RC Remcos TrickBot Vjw0rm
2021-09-02LIFARSVlad Pasca
@techreport{pasca:20210902:vjw0rm:76a2d2e, author = {Vlad Pasca}, title = {{Vjw0rm Worm/RAT}}, date = {2021-09-02}, institution = {LIFARS}, url = {https://lifars.com/wp-content/uploads/2021/09/Vjw0rm-.pdf}, language = {English}, urldate = {2022-01-20} } Vjw0rm Worm/RAT
Vjw0rm
2021-03-21abuse.chabuse.ch
@online{abusech:20210321:vjw0rm:d90bf99, author = {abuse.ch}, title = {{Vjw0rm malware samples}}, date = {2021-03-21}, organization = {abuse.ch}, url = {https://bazaar.abuse.ch/browse/signature/Vjw0rm/}, language = {English}, urldate = {2021-03-22} } Vjw0rm malware samples
Vjw0rm
2020-11AppRiverChris Lee
@online{lee:202011:vjw0rm:7a5eb04, author = {Chris Lee}, title = {{Vjw0rm Is Back With New Tactics}}, date = {2020-11}, organization = {AppRiver}, url = {https://appriver.com/resources/blog/november-2020/vjw0rm-back-new-tactics}, language = {English}, urldate = {2021-10-05} } Vjw0rm Is Back With New Tactics
Vjw0rm

There is no Yara-Signature yet.