General

  • Target

    JJSploit_Installer.exe

  • Size

    50.1MB

  • Sample

    221123-vkbw3scb6y

  • MD5

    a8d9bc7277901ed97551fa18f1c1add1

  • SHA1

    d733231bd9977133641e2e605b20d9c3a021427b

  • SHA256

    40a2aaa4d615743bb4cef8616411f0e46944623a8b7e87a27e4502ef58c3b520

  • SHA512

    0f4baa3d3242bae22aaf444f755dd619d29efd95226b8ceb1d9f7fd166025e278c76da7eb9eb48a6987a8e09954ea253f96a4af8e42871217fe94a7bbba8fe66

  • SSDEEP

    1572864:T78WsLBs3LjAclhgOYzXNfeZtTJt0/wS8LKMUzDH:T78WGBs3P836T7HLKMUzj

Score
8/10

Targets

    • Target

      JJSploit_Installer.exe

    Score
    8/10
    • Executes dropped EXE

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Loads dropped DLL

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.
