2e80059a92e23f07ece25cd25f4e855cb01c8623a5ca9d8d63756c2273368563

Resubmissions

05-08-2022 22:21

220805-196qmsaab4 8

05-08-2022 22:20

220805-19grhsfecr 6

05-08-2022 10:34

220805-mml6tsbfe3 10

04-08-2022 16:23

220804-tvwtkagge4 10

Analysis

max time kernel
392s
max time network
382s
platform
windows10-1703_x64
resource
win10-20220718-en
resource tags

arch:x64arch:x86image:win10-20220718-enlocale:en-usos:windows10-1703-x64system
submitted
04-08-2022 16:23

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

fucker script.exe
Size

104KB
MD5

db0655efbe0dbdef1df06207f5cb5b5b
SHA1

a8d48d5c0042ce359178d018c0873e8a7c2f27e8
SHA256

52972a23ab12b95cd51d71741db2cf276749e56030c092e2e4f0907dcb1fbd56
SHA512

5adc8463c3e148a66f8afdeefc31f2b3ffeb12b7641584d1d24306b0898da60a8b9b948bb4f9b7d693185f2daa9bd9437b3b84cebc0eabfa84dfcef6938e1704

Score

1^/10

Malware Config

Signatures

Suspicious behavior: AddClipboardFormatListener 1 IoCs

Processes:

vlc.exe

pid process

4984 vlc.exe
Suspicious behavior: GetForegroundWindowSpam 1 IoCs

Processes:

vlc.exe

pid process

4984 vlc.exe
Suspicious use of FindShellTrayWindow 6 IoCs

Processes:

vlc.exe

pid process

4984 vlc.exe
4984 vlc.exe
4984 vlc.exe
4984 vlc.exe
4984 vlc.exe
4984 vlc.exe
Suspicious use of SendNotifyMessage 2 IoCs

Processes:

vlc.exe

pid process

4984 vlc.exe
4984 vlc.exe
Suspicious use of SetWindowsHookEx 1 IoCs

Processes:

vlc.exe

pid process

4984 vlc.exe

pid	process
4984	vlc.exe

pid	process
4984	vlc.exe

pid	process
4984	vlc.exe
4984	vlc.exe
4984	vlc.exe
4984	vlc.exe
4984	vlc.exe
4984	vlc.exe

pid	process
4984	vlc.exe
4984	vlc.exe

pid	process
4984	vlc.exe

C:\Users\Admin\AppData\Local\Temp\fucker script.exe
"C:\Users\Admin\AppData\Local\Temp\fucker script.exe"
1⤵
PID:1788

C:\Program Files\VideoLAN\VLC\vlc.exe
"C:\Program Files\VideoLAN\VLC\vlc.exe"
1⤵
- Suspicious behavior: AddClipboardFormatListener
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of SetWindowsHookEx
PID:4984

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1788-117-0x0000000077110000-0x000000007729E000-memory.dmp

Filesize
1.6MB

Download
memory/1788-118-0x0000000077110000-0x000000007729E000-memory.dmp

Filesize
1.6MB

Download
memory/1788-119-0x0000000077110000-0x000000007729E000-memory.dmp

Filesize
1.6MB

Download
memory/1788-120-0x0000000077110000-0x000000007729E000-memory.dmp

Filesize
1.6MB

Download
memory/1788-122-0x0000000077110000-0x000000007729E000-memory.dmp

Filesize
1.6MB

Download
memory/1788-121-0x0000000077110000-0x000000007729E000-memory.dmp

Filesize
1.6MB

Download
memory/1788-123-0x0000000077110000-0x000000007729E000-memory.dmp

Filesize
1.6MB

Download
memory/1788-124-0x0000000077110000-0x000000007729E000-memory.dmp

Filesize
1.6MB

Download
memory/1788-125-0x0000000077110000-0x000000007729E000-memory.dmp

Filesize
1.6MB

Download
memory/1788-126-0x0000000077110000-0x000000007729E000-memory.dmp

Filesize
1.6MB

Download
memory/1788-127-0x0000000077110000-0x000000007729E000-memory.dmp

Filesize
1.6MB

Download
memory/1788-128-0x0000000077110000-0x000000007729E000-memory.dmp

Filesize
1.6MB

Download
memory/1788-129-0x0000000077110000-0x000000007729E000-memory.dmp

Filesize
1.6MB

Download
memory/1788-130-0x0000000077110000-0x000000007729E000-memory.dmp

Filesize
1.6MB

Download
memory/1788-131-0x0000000077110000-0x000000007729E000-memory.dmp

Filesize
1.6MB

Download
memory/1788-132-0x0000000077110000-0x000000007729E000-memory.dmp

Filesize
1.6MB

Download
memory/1788-133-0x0000000077110000-0x000000007729E000-memory.dmp

Filesize
1.6MB

Download
memory/1788-134-0x0000000077110000-0x000000007729E000-memory.dmp

Filesize
1.6MB

Download
memory/1788-135-0x0000000077110000-0x000000007729E000-memory.dmp

Filesize
1.6MB

Download
memory/1788-136-0x0000000077110000-0x000000007729E000-memory.dmp

Filesize
1.6MB

Download
memory/1788-137-0x0000000077110000-0x000000007729E000-memory.dmp

Filesize
1.6MB

Download
memory/1788-138-0x0000000077110000-0x000000007729E000-memory.dmp

Filesize
1.6MB

Download
memory/1788-139-0x0000000077110000-0x000000007729E000-memory.dmp

Filesize
1.6MB

Download

Resubmissions

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads