1bf62962424817df5cb01035a867dd482435ad75714802bec96fd140a129985a | Triage

Sharing

General

Target

JJSploit_8.2.0_x64-setup.exe
Size

6.8MB
Sample

240912-qemdeaweka
MD5

ad78098e4bd8a777c83947514e39e702
SHA1

9c7623f484399737e934530fae0463129a3ba1d2
SHA256

1bf62962424817df5cb01035a867dd482435ad75714802bec96fd140a129985a
SHA512

6e0d2f25463406337dab3524fa118434f0c31530790a334cc0754dd673699f3ac42221de3544cbcd7a8328622e103d8e2ff55a34d8823d16480986c9e298303e
SSDEEP

196608:hYuT+k+TeZKdbfKhHUlfc9lN3MbHupWJh8n0hg+:hX9KdzKUBc9lN8Lnkn0X

Score

8^/10

discovery

Malware Config

Targets

- Target
  
  JJSploit_8.2.0_x64-setup.exe
- Size
  
  6.8MB
- MD5
  
  ad78098e4bd8a777c83947514e39e702
- SHA1
  
  9c7623f484399737e934530fae0463129a3ba1d2
- SHA256
  
  1bf62962424817df5cb01035a867dd482435ad75714802bec96fd140a129985a
- SHA512
  
  6e0d2f25463406337dab3524fa118434f0c31530790a334cc0754dd673699f3ac42221de3544cbcd7a8328622e103d8e2ff55a34d8823d16480986c9e298303e
- SSDEEP
  
  196608:hYuT+k+TeZKdbfKhHUlfc9lN3MbHupWJh8n0hg+:hX9KdzKUBc9lN8Lnkn0X
Score

8^/10

discovery
- Downloads MZ/PE file
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1
- Target
  
  JJSploit.exe
- Size
  
  11.3MB
- MD5
  
  08da60d926eaa0252af9b166761611c8
- SHA1
  
  d5fcdb424d36b10de9ca7bcb30d8b677970bc3b5
- SHA256
  
  8ce041b5fbb64fb950ac85d68b9edaead06689de305a8584c149632a0283294b
- SHA512
  
  ceddfe1f15a99a6d63e27b3c0ace15ce366b0cc55aa63568c95a771f0c269f17809620fc67a6fd3a34b783d0db438bcdf52dd3e1117ec0f45854b547c0460301
- SSDEEP
  
  98304:p/LEFfkor/JfIooWvsLMjw4SqOYhisDbAuFa99bUHptmGs0ITIECz/YQ5/otG0Ec:GFfkcfUMjw4BhiMbE9bULGQf5Jap
Score

3^/10

discovery
behavioral2
- Target
  
  uninstall.exe
- Size
  
  74KB
- MD5
  
  addfa71d2ec1da7b15cba4bc03e4186b
- SHA1
  
  c38adaf927570bfaa09e27f22ad6853aa35d836c
- SHA256
  
  efdddd077088a75f4d27c79650ab3ed4b1cd76206ca88b91fbd631e89c87b8c9
- SHA512
  
  076569cdee693af1b0ae9a509e7bbdabab4de80cef85543ce63d93f5c9e44bb20fac95b2163ebb6751be29123368eceaac4751efc111730262e04f3a61527452
- SSDEEP
  
  1536:XmsAYBdTU9fEAIS2PEtuugdLeAyNxS7GlSK8KPKVfJcqb:WfY/TU9fE9PEtuuceALsS3pVfWqb
Score

7^/10

discovery
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
behavioral3

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3