Overview

overview

3

Static

static

3

FalloutLau...76.zip

windows7-x64

1

FalloutLau...76.zip

windows10-2004-x64

1

FalloutLauncher.exe

windows7-x64

1

FalloutLauncher.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    31s
  • max time network
    33s
  • platform
    windows7_x64
  • resource
    win7-20230220-en
  • resource tags

    arch:x64arch:x86image:win7-20230220-enlocale:en-usos:windows7-x64system
  • submitted
    25/05/2023, 17:41

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    FalloutLauncher - Autohotkey Shortcut Version-1-1-0-1682485176.zip

  • Size

    403KB

  • MD5

    23417ca181fc471fd42f580df1518685

  • SHA1

    e48939c8971d3b50192f7a157d2788a9d588c08d

  • SHA256

    65e35d118dad682b2bc8a85b0cab1e660206aae07c488af2ac1c31cb6957a568

  • SHA512

    43680ce4905516779624617e08dccebb1ca618f986d1b68024c319ff0177edd081f856e552e3f24e1a1ad391d3f0d0ecf5d1460dce8d718d6e82fe049eee17a6

  • SSDEEP

    12288:epVGvoJbaY/uGiqR0Xof38jtHuCRgCRYJg67MMbG:epogJmY/7SXoutDdYJg6IMq

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: AddClipboardFormatListener 1 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 9 IoCs
  • Suspicious use of SendNotifyMessage 8 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Windows\Explorer.exe
    C:\Windows\Explorer.exe /idlist,,"C:\Users\Admin\AppData\Local\Temp\FalloutLauncher - Autohotkey Shortcut Version-1-1-0-1682485176.zip"
    1⤵
      PID:960
    • C:\Windows\explorer.exe
      "C:\Windows\explorer.exe"
      1⤵
        PID:2036
      • C:\Program Files\VideoLAN\VLC\vlc.exe
        "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file "C:\Users\Admin\Desktop\StepSearch.mp2v"
        1⤵
        • Suspicious behavior: AddClipboardFormatListener
        • Suspicious behavior: GetForegroundWindowSpam
        • Suspicious use of FindShellTrayWindow
        • Suspicious use of SendNotifyMessage
        • Suspicious use of SetWindowsHookEx
        PID:520

      Network

            MITRE ATT&CK Matrix

            Replay Monitor

            Loading Replay Monitor...

            Downloads

            • memory/520-62-0x000000013FAE0000-0x000000013FBD8000-memory.dmp

              Filesize

              992KB

              Download

            • memory/520-63-0x000007FEFAE80000-0x000007FEFAEB4000-memory.dmp

              Filesize

              208KB

              Download

            • memory/520-64-0x000007FEF6240000-0x000007FEF64F4000-memory.dmp

              Filesize

              2.7MB

              Download

            • memory/520-65-0x000007FEF5110000-0x000007FEF61BB000-memory.dmp

              Filesize

              16.7MB

              Download

            • memory/520-66-0x000007FEF4370000-0x000007FEF4482000-memory.dmp

              Filesize

              1.1MB

              Download