Analysis
-
max time kernel
136s -
max time network
148s -
platform
windows10-1703_x64 -
resource
win10-20220812-en -
resource tags
-
submitted
30/10/2022, 07:38
General
-
Target
whip your kids roblox.ogg
-
Size
1.8MB
-
MD5
792800ce80441bb232baead9e65ed361
-
SHA1
209c87bdd1a92655bdda2c64cbf7d696a36ab17a
-
SHA256
5e753bb62c9b30f19a9aaa6a768266efc60cff6c3b212ba12f14d8411ae2c18a
-
SHA512
5fa835bf21ce544f1a3280d98728a07cd26a4cee9b040b99f693437a762717ae289d3ced8c23e3eb8dee16606f765e1a7edd6068877b7b7406e955f2eae5f63e
-
SSDEEP
49152:jBMVG27b6VCQ7234MvNxcdBgVysjrqGnOPW3a:Sxb6Vdk4MvPqBcjKWK
Score
1/10
Malware Config
Signatures
-
Suspicious behavior: AddClipboardFormatListener 1 IoCs
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
-
Suspicious use of AdjustPrivilegeToken 4 IoCs
-
Suspicious use of FindShellTrayWindow 10 IoCs
-
Suspicious use of SendNotifyMessage 9 IoCs
-
Suspicious use of SetWindowsHookEx 1 IoCs
Processes
-
C:\Program Files\VideoLAN\VLC\vlc.exe"C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file "C:\Users\Admin\AppData\Local\Temp\whip your kids roblox.ogg"1⤵
- Suspicious behavior: AddClipboardFormatListener
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of SetWindowsHookEx
-
C:\Windows\system32\AUDIODG.EXEC:\Windows\system32\AUDIODG.EXE 0x2b81⤵
- Suspicious use of AdjustPrivilegeToken
-
C:\Windows\System32\rundll32.exeC:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding1⤵