Overview

overview

8

Static

static

8

EZDJ_P~1.exe

windows7-x64

7

EZDJ_P~1.exe

windows10-2004-x64

7

NEWAUT~1.exe

windows7-x64

8

NEWAUT~1.exe

windows10-2004-x64

8

Analysis

  • max time kernel
    112s
  • max time network
    145s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220901-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20220901-enlocale:en-usos:windows10-2004-x64system
  • submitted
    01/12/2022, 06:37

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    EZDJ_P~1.exe

  • Size

    7.1MB

  • MD5

    3dff1e807664fc09ff93e16809224036

  • SHA1

    910f442281db24eef676a7e3f3c708cb63393e03

  • SHA256

    35765a15c21121805050dd12a9969d9ee19ec432086c32894e7909eff9449e5d

  • SHA512

    c79850d15a8a2d708bf5de439d5b26de09905e6a173c4d3730a4a3e83f0336dd36b6f6305d12f79d6602dfd8350afec6a1ffc24f153a3ec1779806570c9b8029

  • SSDEEP

    196608:gysAMfp4l0PyWwP7DukXWpoI7oJj62EjIlSdfDdIv:g7AkpM0PyWwD6sJj62EjIlKdIv

Score
7/10

Malware Config

Signatures

Processes

  • C:\Users\Admin\AppData\Local\Temp\EZDJ_P~1.exe
    "C:\Users\Admin\AppData\Local\Temp\EZDJ_P~1.exe"
    1⤵
    • Loads dropped DLL
    • Enumerates connected drives
    PID:2128

Network

        MITRE ATT&CK Enterprise v6

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\Local\Temp\~vis0000\NoDirectoryWrite.dll
          Filesize

          44KB

          MD5

          3b478596cc152e797350c3a84130c2a7

          SHA1

          023d9eed920a84157f24382cb474b78d9f6040e2

          SHA256

          28d05fd19b977d9853299f7a4893d570de118315f2ea413eeb2791ffb2d3c42f

          SHA512

          00d3bfbba30b67018c622a7d3e949280ccda73dae31820805b5e2e812b5e60664abc9352c60fac1c4ae968179b938a00a032ba674cbf90a236cd54d4a3ee88ef

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\~vis0000\NoDirectoryWrite.dll
          Filesize

          44KB

          MD5

          3b478596cc152e797350c3a84130c2a7

          SHA1

          023d9eed920a84157f24382cb474b78d9f6040e2

          SHA256

          28d05fd19b977d9853299f7a4893d570de118315f2ea413eeb2791ffb2d3c42f

          SHA512

          00d3bfbba30b67018c622a7d3e949280ccda73dae31820805b5e2e812b5e60664abc9352c60fac1c4ae968179b938a00a032ba674cbf90a236cd54d4a3ee88ef

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\~vis0000\ShutdownApp.dll
          Filesize

          44KB

          MD5

          c31e0dc69c1467fa6c74be3eab23436f

          SHA1

          29299bd037d4ebfb5b9b216ae0201733c1c42160

          SHA256

          66ce70ac601ea244db9ceb4a259c3ee7c4c98e85090c80e7a240253d1002f2b1

          SHA512

          5a77249e533d0cf7573b6a9ccda8d49cc6674858b2b73d51a9fa0fc3062ccfafcf33ad6067cf278497768297f34342954e1695153968a27397b8b4b48b8f8322

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\~vis0000\ShutdownApp.dll
          Filesize

          44KB

          MD5

          c31e0dc69c1467fa6c74be3eab23436f

          SHA1

          29299bd037d4ebfb5b9b216ae0201733c1c42160

          SHA256

          66ce70ac601ea244db9ceb4a259c3ee7c4c98e85090c80e7a240253d1002f2b1

          SHA512

          5a77249e533d0cf7573b6a9ccda8d49cc6674858b2b73d51a9fa0fc3062ccfafcf33ad6067cf278497768297f34342954e1695153968a27397b8b4b48b8f8322

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\~vis0000\vise32ex.dll
          Filesize

          496KB

          MD5

          db798587868984eb838a71338f6ffe53

          SHA1

          c9fef0b8e6806137f29beb8c0eae04f1c5bb8c39

          SHA256

          6d4209a51dedb0aedcdfd5cbed6fc80dbc34b51cd1dc176d788f07b5cdf06642

          SHA512

          1e6f4ce4156693f9f9a8f70b8b9ff5080a27ac903929ae7aefd277c455d088aaf6b19ddc1edc131eb552eada877462829473885804df7f9246d412754d098c58

          Download Submit

        • memory/2128-138-0x0000000002350000-0x000000000235C000-memory.dmp

          Filesize

          48KB

          Download

        • memory/2128-141-0x0000000002540000-0x000000000254C000-memory.dmp

          Filesize

          48KB

          Download