General

  • Target

    JJSploit_Installer.exe

  • Size

    55.2MB

  • Sample

    220908-2w8hragag9

  • MD5

    f0944bac6d4354ab45acc2ca174b0c3e

  • SHA1

    64174bec344c2fc34e37be3b3f2a818932f91a27

  • SHA256

    1f6dbb268f7c795d282f5d5704f3f4b1b1ddfe820a2bcd1f58d6440dfe1d5239

  • SHA512

    50d18e426db7066041993385702de918a1ad15f4f8cbb0e3ae7e013e750a02634d05b19faffc92c7d4785c419d97db4ed21cbe70aceafa0852adbeedc9d0183c

  • SSDEEP

    1572864:JJ8WsLBVOrKhBD+HgOYzXNfeZtTJt0hwS8LlMUzDb:JJ8WGBkraBh36T7ZLlMUzf

Targets

    • Target

      JJSploit_Installer.exe

    • Executes dropped EXE

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Loads dropped DLL

    • Adds Run key to start application

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.
