Analysis
-
max time kernel
37s -
max time network
45s -
platform
windows7_x64 -
resource
win7-20220812-en -
resource tags
-
submitted
24-11-2022 17:47
General
-
Target
michael jackson - smooth criminal.mp3
-
Size
5.8MB
-
MD5
5c81c42304ad2bd3a70d6553f36ad9bd
-
SHA1
9d4152f46af65bc07f4cf94c01b1be6a01617b21
-
SHA256
8d3ee1eae890e748096c04c683d4989853b3a87d1b094b4868912f18145c62b5
-
SHA512
b171c9152dc53771f202ce50ca797a92a5d15b3f145d70573b0638f8a237a819f012f1700815d25cfe0da6f643ee28b23c503d5e8046ebafe6a7108ceca191cc
-
SSDEEP
98304:tud2xD9/4Gs7cBLl9AWLxl7aY3quOWaS+6RTa/LfL1WPdHtEDmNkjKp8N7bO4Jcf:Md5G7LLDafz7F6FCLBcdHt9N4E87bO/f
Score
1/10
Malware Config
Signatures
-
Suspicious behavior: AddClipboardFormatListener 1 IoCs
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
-
Suspicious use of AdjustPrivilegeToken 8 IoCs
-
Suspicious use of FindShellTrayWindow 30 IoCs
-
Suspicious use of SendNotifyMessage 8 IoCs
-
Suspicious use of SetWindowsHookEx 1 IoCs
Processes
-
C:\Program Files\VideoLAN\VLC\vlc.exe"C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file "C:\Users\Admin\AppData\Local\Temp\michael jackson - smooth criminal.mp3"1⤵
- Suspicious behavior: AddClipboardFormatListener
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of SetWindowsHookEx
-
C:\Windows\system32\AUDIODG.EXEC:\Windows\system32\AUDIODG.EXE 0x45c1⤵
- Suspicious use of AdjustPrivilegeToken
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
memory/2020-54-0x000007FEFBAB1000-0x000007FEFBAB3000-memory.dmpFilesize
8KB