Overview

overview

3

Static

static

3

JJSploit/JJSploit.exe

windows7-x64

1

JJSploit/JJSploit.exe

windows10-2004-x64

1

Resubmissions

21/09/2024, 09:30

240921-lgm1havgkc 3

21/09/2024, 09:29

240921-lf232avgpm 3

Sharing

Copy URL Twitter E-mail

General

  • Target

    JJSploit.zip

  • Size

    5.7MB

  • MD5

    3213733b51b4f86f77229ed8192a672b

  • SHA1

    897912400cc88cb767a4808716b88c64f74a0d3f

  • SHA256

    39cfc48bf146ea8c1ac1e128a017ae10810374429ac3e8ac3595635a1b1e4005

  • SHA512

    54155e4c10dbcdd969614a60d88860b5f9215c831792fcc9d5afa5b3dc4ae8e95edbf98835a6e80889117e3fbb19b38d991c7d7d6bd54b0d89b55b63125ec711

  • SSDEEP

    98304:mX4mhFIF/epK4DVP1eTn53hqMN4ytqKSmbb/OwCPKFPgRilIgp6pwzLt+lXBdtY:w38F/epzZP1eT53kMfIKL/CPu4EloIcE

Score
3/10
pyinstaller

Malware Config

Signatures

  • Detects Pyinstaller 1 IoCs
    pyinstaller
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • JJSploit.zip
    .zip
  • JJSploit/JJSploit.exe
    .exe windows:6 windows x64 arch:x64

    a06f302f71edd380da3d5bf4a6d94ebd


    Headers

    Imports

    Sections

  • JJSploit.pyc
  • JJSploit/_internal/VCRUNTIME140.dll
    .dll windows:6 windows x64 arch:x64

    44c3854843f7a3fccdf8ddbbea66f302


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • JJSploit/_internal/_bz2.pyd
    .dll windows:6 windows x64 arch:x64

    ffa916dfdc50e863f51c0b6a5f824af6


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • JJSploit/_internal/_decimal.pyd
    .dll windows:6 windows x64 arch:x64

    53c2be0bb51ad122ee2c2f1d38f395e1


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • JJSploit/_internal/_hashlib.pyd
    .dll windows:6 windows x64 arch:x64

    683c97b97649a9c2dc807b6f67c277a4


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • JJSploit/_internal/_lzma.pyd
    .dll windows:6 windows x64 arch:x64

    9737ade4e3ae3cc469d7407b46aaf0df


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • JJSploit/_internal/_socket.pyd
    .dll .js windows:6 windows x64 arch:x64 polyglot

    776b7c5bc1aea73a6f74ab11ef18f641


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • JJSploit/_internal/api-ms-win-core-console-l1-1-0.dll
    .dll windows:10 windows x64 arch:x64


    Code Sign

    Headers

    Exports

    Sections

  • JJSploit/_internal/api-ms-win-core-datetime-l1-1-0.dll
    .dll windows:10 windows x64 arch:x64


    Code Sign

    Headers

    Exports

    Sections

  • JJSploit/_internal/api-ms-win-core-debug-l1-1-0.dll
    .dll windows:10 windows x64 arch:x64


    Code Sign

    Headers

    Exports

    Sections

  • JJSploit/_internal/api-ms-win-core-errorhandling-l1-1-0.dll
    .dll windows:10 windows x64 arch:x64


    Code Sign

    Headers

    Exports

    Sections

  • JJSploit/_internal/api-ms-win-core-file-l1-1-0.dll
    .dll windows:10 windows x64 arch:x64


    Code Sign

    Headers

    Exports

    Sections

  • JJSploit/_internal/api-ms-win-core-file-l1-2-0.dll
    .dll windows:10 windows x64 arch:x64


    Code Sign

    Headers

    Exports

    Sections

  • JJSploit/_internal/api-ms-win-core-file-l2-1-0.dll
    .dll windows:10 windows x64 arch:x64


    Code Sign

    Headers

    Exports

    Sections

  • JJSploit/_internal/api-ms-win-core-handle-l1-1-0.dll
    .dll windows:10 windows x64 arch:x64


    Code Sign

    Headers

    Exports

    Sections

  • JJSploit/_internal/api-ms-win-core-heap-l1-1-0.dll
    .dll windows:10 windows x64 arch:x64


    Code Sign

    Headers

    Exports

    Sections

  • JJSploit/_internal/api-ms-win-core-interlocked-l1-1-0.dll
    .dll windows:10 windows x64 arch:x64


    Code Sign

    Headers

    Exports

    Sections

  • JJSploit/_internal/api-ms-win-core-libraryloader-l1-1-0.dll
    .dll windows:10 windows x64 arch:x64


    Code Sign

    Headers

    Exports

    Sections

  • JJSploit/_internal/api-ms-win-core-localization-l1-2-0.dll
    .dll windows:10 windows x64 arch:x64


    Code Sign

    Headers

    Exports

    Sections

  • JJSploit/_internal/api-ms-win-core-memory-l1-1-0.dll
    .dll windows:10 windows x64 arch:x64


    Code Sign

    Headers

    Exports

    Sections

  • JJSploit/_internal/api-ms-win-core-namedpipe-l1-1-0.dll
    .dll windows:10 windows x64 arch:x64


    Code Sign

    Headers

    Exports

    Sections

  • JJSploit/_internal/api-ms-win-core-processenvironment-l1-1-0.dll
    .dll windows:10 windows x64 arch:x64


    Code Sign

    Headers

    Exports

    Sections

  • JJSploit/_internal/api-ms-win-core-processthreads-l1-1-0.dll
    .dll windows:10 windows x64 arch:x64


    Code Sign

    Headers

    Exports

    Sections

  • JJSploit/_internal/api-ms-win-core-processthreads-l1-1-1.dll
    .dll windows:10 windows x64 arch:x64


    Code Sign

    Headers

    Exports

    Sections

  • JJSploit/_internal/api-ms-win-core-profile-l1-1-0.dll
    .dll windows:10 windows x64 arch:x64


    Code Sign

    Headers

    Exports

    Sections

  • JJSploit/_internal/api-ms-win-core-rtlsupport-l1-1-0.dll
    .dll windows:10 windows x64 arch:x64


    Code Sign

    Headers

    Exports

    Sections

  • JJSploit/_internal/api-ms-win-core-string-l1-1-0.dll
    .dll windows:10 windows x64 arch:x64


    Code Sign

    Headers

    Exports

    Sections

  • JJSploit/_internal/api-ms-win-core-synch-l1-1-0.dll
    .dll windows:10 windows x64 arch:x64


    Code Sign

    Headers

    Exports

    Sections

  • JJSploit/_internal/api-ms-win-core-synch-l1-2-0.dll
    .dll windows:10 windows x64 arch:x64


    Code Sign

    Headers

    Exports

    Sections

  • JJSploit/_internal/api-ms-win-core-sysinfo-l1-1-0.dll
    .dll windows:10 windows x64 arch:x64


    Code Sign

    Headers

    Exports

    Sections

  • JJSploit/_internal/api-ms-win-core-timezone-l1-1-0.dll
    .dll windows:10 windows x64 arch:x64


    Code Sign

    Headers

    Exports

    Sections

  • JJSploit/_internal/api-ms-win-core-util-l1-1-0.dll
    .dll windows:10 windows x64 arch:x64


    Code Sign

    Headers

    Exports

    Sections

  • JJSploit/_internal/api-ms-win-crt-conio-l1-1-0.dll
    .dll windows:10 windows x64 arch:x64


    Code Sign

    Headers

    Exports

    Sections

  • JJSploit/_internal/api-ms-win-crt-convert-l1-1-0.dll
    .dll windows:10 windows x64 arch:x64


    Code Sign

    Headers

    Exports

    Sections

  • JJSploit/_internal/api-ms-win-crt-environment-l1-1-0.dll
    .dll windows:10 windows x64 arch:x64


    Code Sign

    Headers

    Exports

    Sections

  • JJSploit/_internal/api-ms-win-crt-filesystem-l1-1-0.dll
    .dll windows:10 windows x64 arch:x64


    Code Sign

    Headers

    Exports

    Sections

  • JJSploit/_internal/api-ms-win-crt-heap-l1-1-0.dll
    .dll windows:10 windows x64 arch:x64


    Code Sign

    Headers

    Exports

    Sections

  • JJSploit/_internal/api-ms-win-crt-locale-l1-1-0.dll
    .dll windows:10 windows x64 arch:x64


    Code Sign

    Headers

    Exports

    Sections

  • JJSploit/_internal/api-ms-win-crt-math-l1-1-0.dll
    .dll windows:10 windows x64 arch:x64


    Code Sign

    Headers

    Exports

    Sections

  • JJSploit/_internal/api-ms-win-crt-process-l1-1-0.dll
    .dll windows:10 windows x64 arch:x64


    Code Sign

    Headers

    Exports

    Sections

  • JJSploit/_internal/api-ms-win-crt-runtime-l1-1-0.dll
    .dll windows:10 windows x64 arch:x64


    Code Sign

    Headers

    Exports

    Sections

  • JJSploit/_internal/api-ms-win-crt-stdio-l1-1-0.dll
    .dll windows:10 windows x64 arch:x64


    Code Sign

    Headers

    Exports

    Sections

  • JJSploit/_internal/api-ms-win-crt-string-l1-1-0.dll
    .dll windows:10 windows x64 arch:x64


    Code Sign

    Headers

    Exports

    Sections

  • JJSploit/_internal/api-ms-win-crt-time-l1-1-0.dll
    .dll windows:10 windows x64 arch:x64


    Code Sign

    Headers

    Exports

    Sections

  • JJSploit/_internal/api-ms-win-crt-utility-l1-1-0.dll
    .dll windows:10 windows x64 arch:x64


    Code Sign

    Headers

    Exports

    Sections

  • JJSploit/_internal/base_library.zip
    .zip
  • _bootlocale.pyc
  • _collections_abc.pyc
  • _weakrefset.pyc
  • abc.pyc
  • codecs.pyc
  • collections/__init__.pyc
  • collections/abc.pyc
  • copyreg.pyc
  • encodings/__init__.pyc
  • encodings/aliases.pyc
  • encodings/ascii.pyc
  • encodings/base64_codec.pyc
  • encodings/big5.pyc
  • encodings/big5hkscs.pyc
  • encodings/bz2_codec.pyc
  • encodings/charmap.pyc
  • encodings/cp037.pyc
  • encodings/cp1006.pyc
  • encodings/cp1026.pyc
  • encodings/cp1125.pyc
  • encodings/cp1140.pyc
  • encodings/cp1250.pyc
  • encodings/cp1251.pyc
  • encodings/cp1252.pyc
  • encodings/cp1253.pyc
  • encodings/cp1254.pyc
  • encodings/cp1255.pyc
  • encodings/cp1256.pyc
  • encodings/cp1257.pyc
  • encodings/cp1258.pyc
  • encodings/cp273.pyc
  • encodings/cp424.pyc
  • encodings/cp437.pyc
  • encodings/cp500.pyc
  • encodings/cp720.pyc
  • encodings/cp737.pyc
  • encodings/cp775.pyc
  • encodings/cp850.pyc
  • encodings/cp852.pyc
  • encodings/cp855.pyc
  • encodings/cp856.pyc
  • encodings/cp857.pyc
  • encodings/cp858.pyc
  • encodings/cp860.pyc
  • encodings/cp861.pyc
  • encodings/cp862.pyc
  • encodings/cp863.pyc
  • encodings/cp864.pyc
  • encodings/cp865.pyc
  • encodings/cp866.pyc
  • encodings/cp869.pyc
  • encodings/cp874.pyc
  • encodings/cp875.pyc
  • encodings/cp932.pyc
  • encodings/cp949.pyc
  • encodings/cp950.pyc
  • encodings/euc_jis_2004.pyc
  • encodings/euc_jisx0213.pyc
  • encodings/euc_jp.pyc
  • encodings/euc_kr.pyc
  • encodings/gb18030.pyc
  • encodings/gb2312.pyc
  • encodings/gbk.pyc
  • encodings/hex_codec.pyc
  • encodings/hp_roman8.pyc
  • encodings/hz.pyc
  • encodings/idna.pyc
  • encodings/iso2022_jp.pyc
  • encodings/iso2022_jp_1.pyc
  • encodings/iso2022_jp_2.pyc
  • encodings/iso2022_jp_2004.pyc
  • encodings/iso2022_jp_3.pyc
  • encodings/iso2022_jp_ext.pyc
  • encodings/iso2022_kr.pyc
  • encodings/iso8859_1.pyc
  • encodings/iso8859_10.pyc
  • encodings/iso8859_11.pyc
  • encodings/iso8859_13.pyc
  • encodings/iso8859_14.pyc
  • encodings/iso8859_15.pyc
  • encodings/iso8859_16.pyc
  • encodings/iso8859_2.pyc
  • encodings/iso8859_3.pyc
  • encodings/iso8859_4.pyc
  • encodings/iso8859_5.pyc
  • encodings/iso8859_6.pyc
  • encodings/iso8859_7.pyc
  • encodings/iso8859_8.pyc
  • encodings/iso8859_9.pyc
  • encodings/johab.pyc
  • encodings/koi8_r.pyc
  • encodings/koi8_t.pyc
  • encodings/koi8_u.pyc
  • encodings/kz1048.pyc
  • encodings/latin_1.pyc
  • encodings/mac_arabic.pyc
  • encodings/mac_croatian.pyc
  • encodings/mac_cyrillic.pyc
  • encodings/mac_farsi.pyc
  • encodings/mac_greek.pyc
  • encodings/mac_iceland.pyc
  • encodings/mac_latin2.pyc
  • encodings/mac_roman.pyc
  • encodings/mac_romanian.pyc
  • encodings/mac_turkish.pyc
  • encodings/mbcs.pyc
  • encodings/oem.pyc
  • encodings/palmos.pyc
  • encodings/ptcp154.pyc
  • encodings/punycode.pyc
  • encodings/quopri_codec.pyc
  • encodings/raw_unicode_escape.pyc
  • encodings/rot_13.pyc
  • encodings/shift_jis.pyc
  • encodings/shift_jis_2004.pyc
  • encodings/shift_jisx0213.pyc
  • encodings/tis_620.pyc
  • encodings/undefined.pyc
  • encodings/unicode_escape.pyc
  • encodings/utf_16.pyc
  • encodings/utf_16_be.pyc
  • encodings/utf_16_le.pyc
  • encodings/utf_32.pyc
  • encodings/utf_32_be.pyc
  • encodings/utf_32_le.pyc
  • encodings/utf_7.pyc
  • encodings/utf_8.pyc
  • encodings/utf_8_sig.pyc
  • encodings/uu_codec.pyc
  • encodings/zlib_codec.pyc
  • enum.pyc
  • functools.pyc
  • genericpath.pyc
  • heapq.pyc
  • io.pyc
  • keyword.pyc
  • linecache.pyc
  • locale.pyc
  • ntpath.pyc
  • operator.pyc
  • os.pyc
  • posixpath.pyc
  • re.pyc
  • reprlib.pyc
  • sre_compile.pyc
  • sre_constants.pyc
  • sre_parse.pyc
  • stat.pyc
  • traceback.pyc
  • types.pyc
  • warnings.pyc
  • weakref.pyc
  • JJSploit/_internal/libcrypto-1_1.dll
    .dll windows:6 windows x64 arch:x64

    91e8dc4192e6f620254cd1fa32253e23


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • JJSploit/_internal/python39.dll
    .dll windows:6 windows x64 arch:x64

    10a1420ae03520725c64d30cfcf52d9f


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • JJSploit/_internal/select.pyd
    .dll windows:6 windows x64 arch:x64

    72c31dcbd1c124b3eb380163acfe8f06


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • JJSploit/_internal/ucrtbase.dll
    .dll windows:10 windows x64 arch:x64

    5e97252fec9caeb9bb1ddc7cc50f68a6


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • JJSploit/_internal/unicodedata.pyd
    .dll windows:6 windows x64 arch:x64

    1020ee69c522eee9cc71cdcf6fac68fd


    Code Sign

    Headers

    Imports

    Exports

    Sections