Overview

overview

8

Static

static

American.mp4

windows7-x64

1

American.mp4

windows10-2004-x64

8

Analysis

  • max time kernel
    75s
  • max time network
    46s
  • platform
    windows7_x64
  • resource
    win7-20220812-en
  • resource tags

    arch:x64arch:x86image:win7-20220812-enlocale:en-usos:windows7-x64system
  • submitted
    29-11-2022 19:55

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    American.mp4

  • Size

    19.0MB

  • MD5

    1dc814767932597b8e2f123529f9b3c3

  • SHA1

    2880f15a2ef338895abd75bbb2d4339b3c016137

  • SHA256

    2b1bd315e1f178ba4aea5b360426a9e483ea2410ddca7ff95a9018861875c8ea

  • SHA512

    1e2926ae1737f6cd5a91581be6de8bd2cc3af5cc01e12f919e027c3260c6fbeaae1f930dded26261fce5b7329887df24fc64b3f008bf2a99713b7eef1df61db9

  • SSDEEP

    393216:OZ0iwmmnt+ma709m9Ohx1lpdHxInOIfJbI1Kz:kwYxQ9RxR5dI61Kz

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: AddClipboardFormatListener 1 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of AdjustPrivilegeToken 6 IoCs
  • Suspicious use of FindShellTrayWindow 24 IoCs
  • Suspicious use of SendNotifyMessage 5 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Program Files\VideoLAN\VLC\vlc.exe
    "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file "C:\Users\Admin\AppData\Local\Temp\American.mp4"
    1⤵
    • Suspicious behavior: AddClipboardFormatListener
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    • Suspicious use of SetWindowsHookEx
    PID:1360
  • C:\Windows\system32\AUDIODG.EXE
    C:\Windows\system32\AUDIODG.EXE 0x548
    1⤵
    • Suspicious use of AdjustPrivilegeToken
    PID:1296

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/1360-54-0x000007FEFBD01000-0x000007FEFBD03000-memory.dmp
    Filesize

    8KB

    Download