Resubmissions

06-10-2024 12:47

241006-p1hfxayfqa 10

06-10-2024 12:45

241006-pzch9syfmc 8

General

  • Target

    JJSploit_8.10.6_x64-setup.exe

  • Size

    6.1MB

  • MD5

    69a250d257eb041a676f0e8da7d20669

  • SHA1

    7ab2cf80a8151b7432a82cc7b025c76c8d9ba1bb

  • SHA256

    f93c3a4931c1d065d6d2d7c5233e6d6415926f240b512bb41e12a2610dc898a9

  • SHA512

    aa88b11e380a27b08b53cff7c66c2b889728da6faa45f197a5b7dab41717c019b52389acebf054717cf9ad9116922fcc642d82c52691d02acb09eef162b34235

  • SSDEEP

    98304:xtUlGk9TjJ1FaXCZikMBp+vrXyMUI/yBiPQDK6AiXMTOzE9znSfUJHkuyJmt3W1W:xt2/fFjZ2BpSX00QT+OzEdniSG1zC

Score
3/10

Malware Config

Signatures

  • Embeds OpenSSL 1 IoCs

    Embeds OpenSSL, may be used to circumvent TLS interception.

  • Unsigned PE 13 IoCs

    Checks for missing Authenticode signature.

Files

  • JJSploit_8.10.6_x64-setup.exe
    .exe windows:4 windows x86 arch:x86

    Password: 112

    61259b55b8912888e90f516ca08dc514


    Headers

    Imports

    Sections

  • $PLUGINSDIR/NSISdl.dll
    .dll windows:4 windows x86 arch:x86

    Password: 112

    ed06d61f6957c32cd324837726a5a070


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/StartMenu.dll
    .dll windows:4 windows x86 arch:x86

    Password: 112

    80469f6834e579db68a646d49780b9d5


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/System.dll
    .dll windows:4 windows x86 arch:x86

    Password: 112

    fc0224e99e736751432961db63a41b76


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/modern-wizard.bmp
  • $PLUGINSDIR/nsDialogs.dll
    .dll windows:4 windows x86 arch:x86

    Password: 112

    6b5c4f7d679059f68f1269aad3a5cecd


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/nsis_tauri_utils.dll
    .dll windows:6 windows x86 arch:x86

    Password: 112

    17cb20871354b907f678c7c220e4ca60


    Headers

    Imports

    Exports

    Sections

  • JJSploit.dll
    .dll windows:6 windows x64 arch:x64

    Password: 112

    b931669d007f056376c17d03880067ce


    Headers

    Imports

    Exports

    Sections

  • JJSploit.exe
    .exe windows:6 windows x64 arch:x64

    Password: 112

    6d4366f9b2f82fff689a1fa97c6a82bf


    Headers

    Imports

    Sections

  • db.json
  • libcrypto-3-x64.dll
    .dll windows:6 windows x64 arch:x64

    Password: 112

    680b5c239d82da8e527bf24b921948fd


    Headers

    Imports

    Exports

    Sections

  • libssl-3-x64.dll
    .dll windows:6 windows x64 arch:x64

    b14ebe784f458189a17382fee793f658


    Headers

    Imports

    Exports

    Sections

  • resources/luascripts/animations/dab.lua
  • resources/luascripts/animations/energizegui.lua
  • resources/luascripts/animations/jumpland.lua
  • resources/luascripts/animations/levitate.lua
  • resources/luascripts/animations/walkthrough.lua
  • resources/luascripts/beesim/autodig.lua
  • resources/luascripts/general/aimbot.lua
    .js
  • resources/luascripts/general/chattroll.lua
  • resources/luascripts/general/fly.lua
  • resources/luascripts/general/god.lua
  • resources/luascripts/general/infinitejump.lua
  • resources/luascripts/general/magnetizeto.lua
  • resources/luascripts/general/multidimensionalcharacter.lua
  • resources/luascripts/general/noclip.lua
    .js
  • resources/luascripts/general/teleportto.lua
  • resources/luascripts/general/tptool.lua
  • resources/luascripts/jailbreak/criminalesp.lua
  • resources/luascripts/jailbreak/policeesp.lua
  • resources/luascripts/jailbreak/removewalls.lua
  • resources/luascripts/jailbreak/walkspeed.lua
  • uninstall.exe
    .exe windows:4 windows x86 arch:x86

    61259b55b8912888e90f516ca08dc514


    Headers

    Imports

    Sections

  • xxhash.dll
    .dll windows:6 windows x64 arch:x64

    fba6b233846a2ea5e6907e23b2de9a26


    Headers

    Imports

    Exports

    Sections

  • zstd.dll
    .dll windows:6 windows x64 arch:x64

    f32e8587cacdf9095c309b87f2877ebb


    Headers

    Imports

    Exports

    Sections