Overview

overview

7

Static

static

7

Changed.v0...21.rar

windows7-x64

3

Changed.v0...21.rar

windows10-2004-x64

3

Changed Sp...er.ini

windows7-x64

1

Changed Sp...er.ini

windows10-2004-x64

1

Changed Sp...ve.txt

windows7-x64

1

Changed Sp...ve.txt

windows10-2004-x64

1

Changed Sp...me.txt

windows7-x64

1

Changed Sp...me.txt

windows10-2004-x64

1

Changed Sp...ge.txt

windows7-x64

1

Changed Sp...ge.txt

windows10-2004-x64

1

Changed Sp...rt.txt

windows7-x64

1

Changed Sp...rt.txt

windows10-2004-x64

1

Changed Sp...id.txt

windows7-x64

1

Changed Sp...id.txt

windows10-2004-x64

1

Changed Sp...id.txt

windows7-x64

1

Changed Sp...id.txt

windows10-2004-x64

1

Changed Sp.../1.wav

windows7-x64

1

Changed Sp.../1.wav

windows10-2004-x64

6

Changed Sp...10.wav

windows7-x64

1

Changed Sp...10.wav

windows10-2004-x64

6

Changed Sp...11.wav

windows7-x64

1

Changed Sp...11.wav

windows10-2004-x64

6

Changed Sp...12.wav

windows7-x64

1

Changed Sp...12.wav

windows10-2004-x64

6

Changed Sp...13.wav

windows7-x64

1

Changed Sp...13.wav

windows10-2004-x64

6

Changed Sp...14.wav

windows7-x64

1

Changed Sp...14.wav

windows10-2004-x64

6

Changed Sp...15.wav

windows7-x64

1

Changed Sp...15.wav

windows10-2004-x64

6

Changed Sp...16.wav

windows7-x64

1

Changed Sp...16.wav

windows10-2004-x64

6

Analysis

  • max time kernel
    147s
  • max time network
    36s
  • platform
    windows7_x64
  • resource
    win7-20230220-en
  • resource tags

    arch:x64arch:x86image:win7-20230220-enlocale:en-usos:windows7-x64system
  • submitted
    10-06-2023 13:46

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Changed Special/steamapps/common/Changed Special/Audio/BGM/11.wav

  • Size

    2.7MB

  • MD5

    1e20e5cb1b3d3bfd5939159dd53a53d7

  • SHA1

    43021ca542dee2f88116033989a6ba5e5c842bda

  • SHA256

    5fa7a87d00c3784abb9a43c2e097ab9b379b4e881ece992ac41c22b1b4b5b9b1

  • SHA512

    dea5d77e44f53d7edf143e6eab57b83c08a6ca96a5d69fa6d5deff53d10ef3546c5f7d565e705f99d2db73d4f027f8919f377849c4ad63cf7d95bdbc563e8eac

  • SSDEEP

    49152:bee9LVEUxT3iLP76gcaFVD9BOcRNLBTk7QPPWA6HvZ7bPgly+JNmb6z4+NjxeQU3:6gCgTiugTz54GNLOAgPgDoF3

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: AddClipboardFormatListener 1 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of AdjustPrivilegeToken 6 IoCs
  • Suspicious use of FindShellTrayWindow 9 IoCs
  • Suspicious use of SendNotifyMessage 8 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Program Files\VideoLAN\VLC\vlc.exe
    "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file "C:\Users\Admin\AppData\Local\Temp\Changed Special\steamapps\common\Changed Special\Audio\BGM\11.wav"
    1⤵
    • Suspicious behavior: AddClipboardFormatListener
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    • Suspicious use of SetWindowsHookEx
    PID:1288
  • C:\Windows\system32\AUDIODG.EXE
    C:\Windows\system32\AUDIODG.EXE 0x4c8
    1⤵
    • Suspicious use of AdjustPrivilegeToken
    PID:520

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/1288-59-0x000000013F4E0000-0x000000013F5D8000-memory.dmp
    Filesize

    992KB

    Download
  • memory/1288-60-0x000007FEF75C0000-0x000007FEF75F4000-memory.dmp
    Filesize

    208KB

    Download
  • memory/1288-61-0x000007FEF6B90000-0x000007FEF6E44000-memory.dmp
    Filesize

    2.7MB

    Download
  • memory/1288-67-0x000007FEF6F80000-0x000007FEF6F9D000-memory.dmp
    Filesize

    116KB

    Download
  • memory/1288-66-0x000007FEF6FA0000-0x000007FEF6FB1000-memory.dmp
    Filesize

    68KB

    Download
  • memory/1288-68-0x000007FEF6910000-0x000007FEF6B10000-memory.dmp
    Filesize

    2.0MB

    Download
  • memory/1288-69-0x000007FEF6B70000-0x000007FEF6B81000-memory.dmp
    Filesize

    68KB

    Download
  • memory/1288-65-0x000007FEF6FC0000-0x000007FEF6FD7000-memory.dmp
    Filesize

    92KB

    Download
  • memory/1288-72-0x000007FEF6B50000-0x000007FEF6B68000-memory.dmp
    Filesize

    96KB

    Download
  • memory/1288-71-0x000007FEF68A0000-0x000007FEF68C1000-memory.dmp
    Filesize

    132KB

    Download
  • memory/1288-70-0x000007FEF68D0000-0x000007FEF690F000-memory.dmp
    Filesize

    252KB

    Download
  • memory/1288-64-0x000007FEF6FE0000-0x000007FEF6FF1000-memory.dmp
    Filesize

    68KB

    Download
  • memory/1288-63-0x000007FEF75A0000-0x000007FEF75B7000-memory.dmp
    Filesize

    92KB

    Download
  • memory/1288-62-0x000007FEFBF70000-0x000007FEFBF88000-memory.dmp
    Filesize

    96KB

    Download
  • memory/1288-75-0x000007FEF57B0000-0x000007FEF57C1000-memory.dmp
    Filesize

    68KB

    Download
  • memory/1288-82-0x000007FEF5620000-0x000007FEF568F000-memory.dmp
    Filesize

    444KB

    Download
  • memory/1288-83-0x000007FEF5600000-0x000007FEF5611000-memory.dmp
    Filesize

    68KB

    Download
  • memory/1288-84-0x000007FEF55A0000-0x000007FEF55F6000-memory.dmp
    Filesize

    344KB

    Download
  • memory/1288-85-0x000007FEF5570000-0x000007FEF5598000-memory.dmp
    Filesize

    160KB

    Download
  • memory/1288-86-0x000007FEF5540000-0x000007FEF5564000-memory.dmp
    Filesize

    144KB

    Download
  • memory/1288-87-0x000007FEF5520000-0x000007FEF5537000-memory.dmp
    Filesize

    92KB

    Download
  • memory/1288-88-0x000007FEF54F0000-0x000007FEF5513000-memory.dmp
    Filesize

    140KB

    Download
  • memory/1288-89-0x000007FEF54D0000-0x000007FEF54E1000-memory.dmp
    Filesize

    68KB

    Download
  • memory/1288-90-0x000007FEF54B0000-0x000007FEF54C2000-memory.dmp
    Filesize

    72KB

    Download
  • memory/1288-92-0x000007FEF5460000-0x000007FEF5473000-memory.dmp
    Filesize

    76KB

    Download
  • memory/1288-95-0x000007FEFAE60000-0x000007FEFAE70000-memory.dmp
    Filesize

    64KB

    Download
  • memory/1288-96-0x000007FEF5290000-0x000007FEF52BF000-memory.dmp
    Filesize

    188KB

    Download
  • memory/1288-97-0x000007FEF5270000-0x000007FEF5281000-memory.dmp
    Filesize

    68KB

    Download
  • memory/1288-98-0x000007FEF5250000-0x000007FEF5266000-memory.dmp
    Filesize

    88KB

    Download
  • memory/1288-99-0x000007FEF5230000-0x000007FEF5245000-memory.dmp
    Filesize

    84KB

    Download
  • memory/1288-100-0x000007FEF4EF0000-0x000007FEF4F01000-memory.dmp
    Filesize

    68KB

    Download
  • memory/1288-101-0x000007FEF4ED0000-0x000007FEF4EE2000-memory.dmp
    Filesize

    72KB

    Download
  • memory/1288-94-0x000007FEF52C0000-0x000007FEF52D7000-memory.dmp
    Filesize

    92KB

    Download
  • memory/1288-93-0x000007FEF52E0000-0x000007FEF5458000-memory.dmp
    Filesize

    1.5MB

    Download
  • memory/1288-91-0x000007FEF5480000-0x000007FEF54A1000-memory.dmp
    Filesize

    132KB

    Download
  • memory/1288-102-0x000007FEF4D50000-0x000007FEF4ECA000-memory.dmp
    Filesize

    1.5MB

    Download
  • memory/1288-103-0x000007FEF4D30000-0x000007FEF4D43000-memory.dmp
    Filesize

    76KB

    Download
  • memory/1288-108-0x000007FEF4C90000-0x000007FEF4CA6000-memory.dmp
    Filesize

    88KB

    Download
  • memory/1288-107-0x000007FEF4CB0000-0x000007FEF4CC1000-memory.dmp
    Filesize

    68KB

    Download
  • memory/1288-106-0x000007FEF4CD0000-0x000007FEF4CE1000-memory.dmp
    Filesize

    68KB

    Download
  • memory/1288-105-0x000007FEF4CF0000-0x000007FEF4D01000-memory.dmp
    Filesize

    68KB

    Download
  • memory/1288-104-0x000007FEF4D10000-0x000007FEF4D24000-memory.dmp
    Filesize

    80KB

    Download
  • memory/1288-81-0x000007FEF5690000-0x000007FEF56F7000-memory.dmp
    Filesize

    412KB

    Download
  • memory/1288-80-0x000007FEF5700000-0x000007FEF5730000-memory.dmp
    Filesize

    192KB

    Download
  • memory/1288-79-0x000007FEF5730000-0x000007FEF5748000-memory.dmp
    Filesize

    96KB

    Download
  • memory/1288-78-0x000007FEF5750000-0x000007FEF5761000-memory.dmp
    Filesize

    68KB

    Download
  • memory/1288-77-0x000007FEF5770000-0x000007FEF578B000-memory.dmp
    Filesize

    108KB

    Download
  • memory/1288-76-0x000007FEF5790000-0x000007FEF57A1000-memory.dmp
    Filesize

    68KB

    Download
  • memory/1288-74-0x000007FEF57D0000-0x000007FEF57E1000-memory.dmp
    Filesize

    68KB

    Download
  • memory/1288-73-0x000007FEF57F0000-0x000007FEF689B000-memory.dmp
    Filesize

    16.7MB

    Download
  • memory/1288-111-0x000007FEF6B90000-0x000007FEF6E44000-memory.dmp
    Filesize

    2.7MB

    Download