b64c40843b011d715c431b761680e8565383ac702f5ed80492fb30bd6aa33929 | Triage

Submit
Reports

Overview

overview

8

Static

static

8

ezmvVCJt.exe

windows7_x64

8

ezmvVCJt.exe

windows10_x64

8

Sharing

General

Target

ezmvVCJt.exe
Size

276KB
Sample

200928-nvjnrvxkqe
MD5

0ee2f7d6a851faf44bf235186be91a19
SHA1

83ebbf632e25dbe69b060d190a42a5125ffe3902
SHA256

b64c40843b011d715c431b761680e8565383ac702f5ed80492fb30bd6aa33929
SHA512

4450f9169419cd502df259bd32c9e37a793db17d731d206e71ff61065cb0277917874bb7196672e6e5cab0d7ee1ee1103b018ae5e2e0ac917ecfd807db18368a

Score

8^/10

persistence upx

Static task

static1

Behavioral task

behavioral1

Sample

ezmvVCJt.exe

Resource

win7v200722

persistence upx

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

ezmvVCJt.exe

Resource

win10v200722

persistence upx

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  ezmvVCJt.exe
- Size
  
  276KB
- MD5
  
  0ee2f7d6a851faf44bf235186be91a19
- SHA1
  
  83ebbf632e25dbe69b060d190a42a5125ffe3902
- SHA256
  
  b64c40843b011d715c431b761680e8565383ac702f5ed80492fb30bd6aa33929
- SHA512
  
  4450f9169419cd502df259bd32c9e37a793db17d731d206e71ff61065cb0277917874bb7196672e6e5cab0d7ee1ee1103b018ae5e2e0ac917ecfd807db18368a
Score

8^/10

persistence upx
- Adds policy Run key to start application
  persistence
- Executes dropped EXE
- Modifies Installed Components in the registry
  persistence
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy