Overview

overview

3

Static

static

3

EzPing.UI.exe

windows7-x64

1

EzPing.UI.exe

windows10-2004-x64

1

Resubmissions

24-02-2024 16:22

240224-tvpp9agd55 3

Analysis

  • max time kernel
    122s
  • max time network
    125s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    24-02-2024 16:22

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    EzPing.UI.exe

  • Size

    1.1MB

  • MD5

    e28520a104618842e640e9aff6c8803d

  • SHA1

    90c0b1ebb0f16550b1fd9a878f0aac79aba4b366

  • SHA256

    615cd3b6aad84696e5e051d53f523ab36a3552dc4821d62b079c53684d8540c8

  • SHA512

    41d118fa2053b21618b2536c80a7e73396944e97a2591d67146fba3582076d981c43d7fc65f5b6693680938ebdce8ccc8fe073e6b0fbd1618d97dd35443c9355

  • SSDEEP

    24576:03YALJ7ZWzlrLuHxMrt01dsvLW4XRbgZltNH3o25RPBcoj+mm7Jo:gl78zlrSH+OEW4Xtgjv37Jcoj+mm7Jo

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: AddClipboardFormatListener 1 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 9 IoCs
  • Suspicious use of SendNotifyMessage 8 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\EzPing.UI.exe
    "C:\Users\Admin\AppData\Local\Temp\EzPing.UI.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1396
    • C:\Windows\system32\WerFault.exe
      C:\Windows\system32\WerFault.exe -u -p 1396 -s 652
      2⤵
        PID:3004
    • C:\Program Files\VideoLAN\VLC\vlc.exe
      "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file "C:\Users\Admin\Desktop\AssertClear.snd"
      1⤵
      • Suspicious behavior: AddClipboardFormatListener
      • Suspicious behavior: GetForegroundWindowSpam
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of SendNotifyMessage
      • Suspicious use of SetWindowsHookEx
      PID:2592

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/1396-0-0x0000000000170000-0x000000000028A000-memory.dmp

      Filesize

      1.1MB

      Download

    • memory/1396-1-0x000007FEF5CB0000-0x000007FEF669C000-memory.dmp

      Filesize

      9.9MB

      Download

    • memory/1396-2-0x000000001B160000-0x000000001B1E0000-memory.dmp

      Filesize

      512KB

      Download

    • memory/1396-3-0x000007FEF5CB0000-0x000007FEF669C000-memory.dmp

      Filesize

      9.9MB

      Download

    • memory/2592-16-0x000000013F2C0000-0x000000013F3B8000-memory.dmp

      Filesize

      992KB

      Download

    • memory/2592-17-0x000007FEF7E70000-0x000007FEF7EA4000-memory.dmp

      Filesize

      208KB

      Download

    • memory/2592-18-0x000007FEF63E0000-0x000007FEF6694000-memory.dmp

      Filesize

      2.7MB

      Download

    • memory/2592-19-0x000007FEF5130000-0x000007FEF61DB000-memory.dmp

      Filesize

      16.7MB

      Download

    • memory/2592-20-0x000007FEF45B0000-0x000007FEF46C2000-memory.dmp

      Filesize

      1.1MB

      Download