General

  • Target

    jooyu.exe

  • Size

    971KB

  • Sample

    210821-7bj2nl5zvx

  • MD5

    aed57d50123897b0012c35ef5dec4184

  • SHA1

    568571b12ca44a585df589dc810bf53adf5e8050

  • SHA256

    096021eb5950ee16b7ec51756abe05f90c3530206e16286e7610b8a5a544a85e

  • SHA512

    ea0ee3a0762baa3539e8026a8c624ad897efe005faadcf1ff67ebfc555f29b912b24ad4342d5e0c209f36f5288867246bd1bdfed7df739e608a72fa7b4fa2d7c

Score
8/10
upx

Malware Config

Targets

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Loads dropped DLL

    • Legitimate hosting services abused for malware hosting/C2

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

MITRE ATT&CK Enterprise v6

Tasks