Overview

overview

4

Static

static

3

SSJJ-bz-wd...er.exe

windows10-2004-x64

4

$PLUGINSDIR/INetC.dll

windows10-2004-x64

3

$PLUGINSDI...ig.dll

windows10-2004-x64

3

$PLUGINSDI...ls.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDI...fo.dll

windows10-2004-x64

3

$PLUGINSDI...gs.dll

windows10-2004-x64

3

WDlauncher.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    256s
  • max time network
    252s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240508-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
  • submitted
    09-05-2024 01:26

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    SSJJ-bz-wd-Installer.exe

  • Size

    2.3MB

  • MD5

    ae6bcfa1489bcc76e50d2df74b59a317

  • SHA1

    2e78481fc469be8ff11dd51d5ca40a89d59addc2

  • SHA256

    40d529c56d6efc72ee0c2db380722e1e0fa0b6fb0034d1a1d78d370692089253

  • SHA512

    3c4f4cbb7a43da3f19be2d71c0e4512da67c072b07e3ac93494f6a54affd79fd348efa22639e28d7916d35d7a26ce2f61cb3dd3628b76dc9eef0b9af475b030a

  • SSDEEP

    49152:GQao6/+1s31WXgdq671M43oJHEOT/vEZiBEub2jjH8Oggwa:95tsEXgYo1M43oJHptBEub2jIOgFa

Score
4/10
discovery

Malware Config

Signatures

  • Checks installed software on the system 1 TTPs

    Looks up Uninstall key entries in the registry to enumerate software on the system.

    discovery
  • Drops file in Program Files directory 13 IoCs
  • Loads dropped DLL 23 IoCs
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

Processes

  • C:\Users\Admin\AppData\Local\Temp\SSJJ-bz-wd-Installer.exe
    "C:\Users\Admin\AppData\Local\Temp\SSJJ-bz-wd-Installer.exe"
    1⤵
    • Drops file in Program Files directory
    • Loads dropped DLL
    PID:2244

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Program Files (x86)\Wooduan\SSJJ-bz\WDlauncher.exe
    Filesize

    2.2MB

    MD5

    a93fabf128d0443491916a0bba141385

    SHA1

    7eda2a6cceb4d0dd28722a01d9d6ee1ec8b3733d

    SHA256

    1f093de225c1c7788e2eca65c7b993b9882c7b90c0e8614a5a92f6745c96838b

    SHA512

    f7f561706094769f1c4a4931b9def22e6ac35c7efd12746717769a8d62e8048337a8a57425ede224d74c4b474595dfa5c11a859cb22ad8985bab6c8b97ac2da5

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\nsu5342.tmp\INetC.dll
    Filesize

    24KB

    MD5

    640bff73a5f8e37b202d911e4749b2e9

    SHA1

    9588dd7561ab7de3bca392b084bec91f3521c879

    SHA256

    c1e568e25ec111184deb1b87cfda4bfec529b1abeab39b66539d998012f33502

    SHA512

    39c6c358e2b480c8cbebcc1da683924c8092fb2947f2da4a8df1b0dc1fdda61003d91d12232a436ec88ff4e0995b7f6ee8c6efbdca935eaa984001f7a72fea0a

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\nsu5342.tmp\IpConfig.dll
    Filesize

    118KB

    MD5

    a75e3775daac9958610ce1308e0bca3b

    SHA1

    d83ce354cde527c2e20fb425415f6d4795dd4cd4

    SHA256

    fe2093ff4bfa1d7259c922aca1e7bb219c4d234e469942446d9e2f8086b7d720

    SHA512

    48168a91ec90df262b1e158f32b4bc2a6d6ce10022eb96d4a6f3c755b977e5c104558626adaa214bda29d7f1d246f19e2df59b9a338982aa1c623e1bdd5714c6

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\nsu5342.tmp\System.dll
    Filesize

    11KB

    MD5

    75ed96254fbf894e42058062b4b4f0d1

    SHA1

    996503f1383b49021eb3427bc28d13b5bbd11977

    SHA256

    a632d74332b3f08f834c732a103dafeb09a540823a2217ca7f49159755e8f1d7

    SHA512

    58174896db81d481947b8745dafe3a02c150f3938bb4543256e8cce1145154e016d481df9fe68dac6d48407c62cbe20753320ebd5fe5e84806d07ce78e0eb0c4

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\nsu5342.tmp\UserInfo.dll
    Filesize

    4KB

    MD5

    a6f622a2f12ac10bca04e23deff5cada

    SHA1

    abf851b5ccfb64004e9b49718a467bd754545887

    SHA256

    b8fa7b9393fff910144768588c471ca7c9ec98a2b8b186b2172b8ba7a5279500

    SHA512

    35c8b0db179104e638f1b40f3f8038a41fdc327e112de5cb0dbb97cbf1dfa276fcf6400fcb46b88cb5ba233ca769becbdb4b4d40920adca831e3c0f38193c50f

    Download Submit