Overview

overview

7

Static

static

1

EzyJec.exe

windows7-x64

7

EzyJec.exe

windows10-2004-x64

6

Analysis

  • max time kernel
    34s
  • max time network
    32s
  • platform
    windows7_x64
  • resource
    win7-20230220-en
  • resource tags

    arch:x64arch:x86image:win7-20230220-enlocale:en-usos:windows7-x64system
  • submitted
    07-03-2023 13:40

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    EzyJec.exe

  • Size

    3.6MB

  • MD5

    b7079e5c05bbd6a8539646da78f0b49a

  • SHA1

    6d9b8490ffd8346f1f60fce239b59f3fde64368d

  • SHA256

    aed71f9bfc1fd0d950f0300f000ed7cf16cc1672b1843c636d7ce064086199c1

  • SHA512

    6268e96e27bf300cd5433b1ae8305596f8721f7b2c438de7fa4762393e9037c46d151a22da5ef2e5b86368eb93673612b4d192ef5e88514bb82b8c30cf154919

  • SSDEEP

    98304:CCvE/t7ZCWqrxToDqvXGr1e+Q1mp9SLq7zXb8P:CJ/tVrMt4qerc+ICwWPXY

Score
7/10
agilenet

Malware Config

Signatures

  • Obfuscated with Agile.Net obfuscator 1 IoCs

    Detects use of the Agile.Net commercial obfuscator, which is capable of entity renaming and control flow obfuscation.

    agilenet
  • Suspicious behavior: EnumeratesProcesses 1 IoCs
  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\EzyJec.exe
    "C:\Users\Admin\AppData\Local\Temp\EzyJec.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of AdjustPrivilegeToken
    PID:1536

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/1536-54-0x0000000000BF0000-0x0000000000F8C000-memory.dmp
    Filesize

    3.6MB

    Download
  • memory/1536-55-0x0000000004C80000-0x0000000004CC0000-memory.dmp
    Filesize

    256KB

    Download
  • memory/1536-56-0x0000000005130000-0x000000000527E000-memory.dmp
    Filesize

    1.3MB

    Download
  • memory/1536-57-0x0000000000410000-0x0000000000424000-memory.dmp
    Filesize

    80KB

    Download
  • memory/1536-58-0x0000000000A30000-0x0000000000A80000-memory.dmp
    Filesize

    320KB

    Download
  • memory/1536-59-0x0000000005ED0000-0x000000000601A000-memory.dmp
    Filesize

    1.3MB

    Download
  • memory/1536-60-0x0000000000940000-0x000000000094E000-memory.dmp
    Filesize

    56KB

    Download
  • memory/1536-61-0x0000000006120000-0x0000000006236000-memory.dmp
    Filesize

    1.1MB

    Download
  • memory/1536-62-0x0000000005360000-0x0000000005390000-memory.dmp
    Filesize

    192KB

    Download
  • memory/1536-63-0x0000000004C80000-0x0000000004CC0000-memory.dmp
    Filesize

    256KB

    Download
  • memory/1536-64-0x0000000004C80000-0x0000000004CC0000-memory.dmp
    Filesize

    256KB

    Download
  • memory/1536-65-0x0000000004C80000-0x0000000004CC0000-memory.dmp
    Filesize

    256KB

    Download
  • memory/1536-66-0x0000000004C80000-0x0000000004CC0000-memory.dmp
    Filesize

    256KB

    Download
  • memory/1536-67-0x0000000004C80000-0x0000000004CC0000-memory.dmp
    Filesize

    256KB

    Download