Overview

overview

7

Static

static

3

JJmatch-v20101124.exe

windows7-x64

7

JJmatch-v20101124.exe

windows10-2004-x64

7

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

$PLUGINSDI...nu.dll

windows7-x64

3

$PLUGINSDI...nu.dll

windows10-2004-x64

3

GCSkin/Def...t1.ps1

windows7-x64

3

GCSkin/Def...t1.ps1

windows10-2004-x64

3

LordTheme/...n0.ps1

windows7-x64

3

LordTheme/...n0.ps1

windows10-2004-x64

3

TKChatCtrl.dll

windows7-x64

1

TKChatCtrl.dll

windows10-2004-x64

1

TKEmotionPlayer.dll

windows7-x64

1

TKEmotionPlayer.dll

windows10-2004-x64

1

TKGC.exe

windows7-x64

1

TKGC.exe

windows10-2004-x64

1

TKGameChatCtrl.dll

windows7-x64

3

TKGameChatCtrl.dll

windows10-2004-x64

3

TKLobby.exe

windows7-x64

1

TKLobby.exe

windows10-2004-x64

1

TKLobby.exe

windows7-x64

1

TKLobby.exe

windows10-2004-x64

1

TKLord.exe

windows7-x64

1

TKLord.exe

windows10-2004-x64

1

TKLordDll.dll

windows7-x64

5

TKLordDll.dll

windows10-2004-x64

5

TKMahjongDll.dll

windows7-x64

4

TKMahjongDll.dll

windows10-2004-x64

4

TKMatchInfo.dll

windows7-x64

1

TKMatchInfo.dll

windows10-2004-x64

1

TKProducts...ion.js

windows7-x64

3

TKProducts...ion.js

windows10-2004-x64

3

Analysis

  • max time kernel
    119s
  • max time network
    120s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    27-06-2024 15:28

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    JJmatch-v20101124.exe

  • Size

    13.7MB

  • MD5

    da4a7879f242f9f85b2633b176bc4bc5

  • SHA1

    7acc32a1d16bee9e3e9a56ea8b421a3e3709132c

  • SHA256

    a848401f87f0a982861e599375fd856f7d0332b58ce66970491b4fd3c5168338

  • SHA512

    fb338006e030ffa4d027e945c403081466020772f3764260465856e2f1e9e3bc6c541b835932edf801a77deed892558b6d8c071188c6a183650a42d56286e286

  • SSDEEP

    393216:rTkVJrR6kJbp8EOTPvZkBU+vJKDssvYDn6hEzKzYis:rTCxrFuTPhsHqs4YDncAT

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 1 IoCs
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\JJmatch-v20101124.exe
    "C:\Users\Admin\AppData\Local\Temp\JJmatch-v20101124.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious behavior: GetForegroundWindowSpam
    PID:2928

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\nsiFEA.tmp\ioSpecial.ini
    Filesize

    602B

    MD5

    3e32be686614ea8d9aea6908319491ba

    SHA1

    d58098982e9661a7b33cee84866dd1490f27a963

    SHA256

    dad001fd865aa8d8fe4d7bb2dae44ad46b369409389453605fb5103d3e55ffcf

    SHA512

    f6b7ee131bd6cfbb068e46710260cf6b33cc7a12f945cc1c85ed487e1beb3c88504cc6647c13cc63236b0b454f7973ea3c9b3cd2770fd453ff7860bf4041482c

    Download Submit

  • \Users\Admin\AppData\Local\Temp\nsiFEA.tmp\InstallOptions.dll
    Filesize

    14KB

    MD5

    0dc0cc7a6d9db685bf05a7e5f3ea4781

    SHA1

    5d8b6268eeec9d8d904bc9d988a4b588b392213f

    SHA256

    8e287326f1cdd5ef2dcd7a72537c68cbe4299ceb1f820707c5820f3aa6d8206c

    SHA512

    814dd17ebb434f4a3356f716c783ab7f569f9ee34ce5274fa50392526925f044798f8006198ac7afe3d1c2ca83a2ca8c472ca53fec5f12bbfbbe0707abacd6b0

    Download Submit