Overview

overview

7

Static

static

7

Changed.v0...21.rar

windows7-x64

3

Changed.v0...21.rar

windows10-2004-x64

3

Changed Sp...er.ini

windows7-x64

1

Changed Sp...er.ini

windows10-2004-x64

1

Changed Sp...ve.txt

windows7-x64

1

Changed Sp...ve.txt

windows10-2004-x64

1

Changed Sp...me.txt

windows7-x64

1

Changed Sp...me.txt

windows10-2004-x64

1

Changed Sp...ge.txt

windows7-x64

1

Changed Sp...ge.txt

windows10-2004-x64

1

Changed Sp...rt.txt

windows7-x64

1

Changed Sp...rt.txt

windows10-2004-x64

1

Changed Sp...id.txt

windows7-x64

1

Changed Sp...id.txt

windows10-2004-x64

1

Changed Sp...id.txt

windows7-x64

1

Changed Sp...id.txt

windows10-2004-x64

1

Changed Sp.../1.wav

windows7-x64

1

Changed Sp.../1.wav

windows10-2004-x64

6

Changed Sp...10.wav

windows7-x64

1

Changed Sp...10.wav

windows10-2004-x64

6

Changed Sp...11.wav

windows7-x64

1

Changed Sp...11.wav

windows10-2004-x64

6

Changed Sp...12.wav

windows7-x64

1

Changed Sp...12.wav

windows10-2004-x64

6

Changed Sp...13.wav

windows7-x64

1

Changed Sp...13.wav

windows10-2004-x64

6

Changed Sp...14.wav

windows7-x64

1

Changed Sp...14.wav

windows10-2004-x64

6

Changed Sp...15.wav

windows7-x64

1

Changed Sp...15.wav

windows10-2004-x64

6

Changed Sp...16.wav

windows7-x64

1

Changed Sp...16.wav

windows10-2004-x64

6

Analysis

  • max time kernel
    141s
  • max time network
    35s
  • platform
    windows7_x64
  • resource
    win7-20230220-en
  • resource tags

    arch:x64arch:x86image:win7-20230220-enlocale:en-usos:windows7-x64system
  • submitted
    10-06-2023 13:46

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Changed Special/steamapps/common/Changed Special/Audio/BGM/12.wav

  • Size

    3.8MB

  • MD5

    88dcefb7b311283841e8ff9ce8cdc8c9

  • SHA1

    658f9fd85b6de409f88af8a6837d2d2fee39097e

  • SHA256

    001cf450c4e35f0a4302f6b59af947993aa0894e90bdfe8939314f8361049ac3

  • SHA512

    cb3a5ff39b9afe1d75adae04f25ab543521d9e6b9f0abae9f4962d32bc07ff73228c12612cfef6259b6065298a8216f7cd962d9bcceff2687170ec23b1a22da4

  • SSDEEP

    98304:kpNO+8ayR1rJaDqvLqPkCjQQTryTqUko2rFacx7kfLz7tqMHmcgc:BR1d2ty1J2rFez7tPGcgc

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: AddClipboardFormatListener 1 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of AdjustPrivilegeToken 6 IoCs
  • Suspicious use of FindShellTrayWindow 8 IoCs
  • Suspicious use of SendNotifyMessage 7 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Program Files\VideoLAN\VLC\vlc.exe
    "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file "C:\Users\Admin\AppData\Local\Temp\Changed Special\steamapps\common\Changed Special\Audio\BGM\12.wav"
    1⤵
    • Suspicious behavior: AddClipboardFormatListener
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    • Suspicious use of SetWindowsHookEx
    PID:1104
  • C:\Windows\system32\AUDIODG.EXE
    C:\Windows\system32\AUDIODG.EXE 0x1ec
    1⤵
    • Suspicious use of AdjustPrivilegeToken
    PID:1460

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/1104-59-0x000000013F470000-0x000000013F568000-memory.dmp
    Filesize

    992KB

    Download
  • memory/1104-60-0x000007FEFAAB0000-0x000007FEFAAE4000-memory.dmp
    Filesize

    208KB

    Download
  • memory/1104-61-0x000007FEF6180000-0x000007FEF6434000-memory.dmp
    Filesize

    2.7MB

    Download
  • memory/1104-65-0x000007FEFA9F0000-0x000007FEFAA07000-memory.dmp
    Filesize

    92KB

    Download
  • memory/1104-66-0x000007FEFA860000-0x000007FEFA871000-memory.dmp
    Filesize

    68KB

    Download
  • memory/1104-67-0x000007FEFA840000-0x000007FEFA85D000-memory.dmp
    Filesize

    116KB

    Download
  • memory/1104-64-0x000007FEFAA10000-0x000007FEFAA21000-memory.dmp
    Filesize

    68KB

    Download
  • memory/1104-68-0x000007FEFA820000-0x000007FEFA831000-memory.dmp
    Filesize

    68KB

    Download
  • memory/1104-79-0x000007FEF6EF0000-0x000007FEF6F20000-memory.dmp
    Filesize

    192KB

    Download
  • memory/1104-78-0x000007FEFA490000-0x000007FEFA4A8000-memory.dmp
    Filesize

    96KB

    Download
  • memory/1104-77-0x000007FEFA4B0000-0x000007FEFA4C1000-memory.dmp
    Filesize

    68KB

    Download
  • memory/1104-76-0x000007FEFA4D0000-0x000007FEFA4EB000-memory.dmp
    Filesize

    108KB

    Download
  • memory/1104-75-0x000007FEFA4F0000-0x000007FEFA501000-memory.dmp
    Filesize

    68KB

    Download
  • memory/1104-74-0x000007FEFA510000-0x000007FEFA521000-memory.dmp
    Filesize

    68KB

    Download
  • memory/1104-73-0x000007FEFA530000-0x000007FEFA541000-memory.dmp
    Filesize

    68KB

    Download
  • memory/1104-72-0x000007FEFA790000-0x000007FEFA7A8000-memory.dmp
    Filesize

    96KB

    Download
  • memory/1104-71-0x000007FEFA7B0000-0x000007FEFA7D1000-memory.dmp
    Filesize

    132KB

    Download
  • memory/1104-70-0x000007FEFA7E0000-0x000007FEFA81F000-memory.dmp
    Filesize

    252KB

    Download
  • memory/1104-69-0x000007FEF5EE0000-0x000007FEF60E0000-memory.dmp
    Filesize

    2.0MB

    Download
  • memory/1104-63-0x000007FEFAA90000-0x000007FEFAAA7000-memory.dmp
    Filesize

    92KB

    Download
  • memory/1104-62-0x000007FEFB3D0000-0x000007FEFB3E8000-memory.dmp
    Filesize

    96KB

    Download
  • memory/1104-82-0x000007FEF4DC0000-0x000007FEF4E2F000-memory.dmp
    Filesize

    444KB

    Download
  • memory/1104-83-0x000007FEF6ED0000-0x000007FEF6EE1000-memory.dmp
    Filesize

    68KB

    Download
  • memory/1104-80-0x000007FEF4E30000-0x000007FEF5EDB000-memory.dmp
    Filesize

    16.7MB

    Download
  • memory/1104-85-0x000007FEF6150000-0x000007FEF6178000-memory.dmp
    Filesize

    160KB

    Download
  • memory/1104-86-0x000007FEF4D30000-0x000007FEF4D54000-memory.dmp
    Filesize

    144KB

    Download
  • memory/1104-87-0x000007FEF6EB0000-0x000007FEF6EC7000-memory.dmp
    Filesize

    92KB

    Download
  • memory/1104-88-0x000007FEF4D00000-0x000007FEF4D23000-memory.dmp
    Filesize

    140KB

    Download
  • memory/1104-89-0x000007FEF6560000-0x000007FEF6571000-memory.dmp
    Filesize

    68KB

    Download
  • memory/1104-92-0x000007FEF4C90000-0x000007FEF4CA3000-memory.dmp
    Filesize

    76KB

    Download
  • memory/1104-93-0x000007FEF4B10000-0x000007FEF4C88000-memory.dmp
    Filesize

    1.5MB

    Download
  • memory/1104-94-0x000007FEF4AF0000-0x000007FEF4B07000-memory.dmp
    Filesize

    92KB

    Download
  • memory/1104-95-0x000007FEFAA80000-0x000007FEFAA90000-memory.dmp
    Filesize

    64KB

    Download
  • memory/1104-96-0x000007FEF4AC0000-0x000007FEF4AEF000-memory.dmp
    Filesize

    188KB

    Download
  • memory/1104-97-0x000007FEF4AA0000-0x000007FEF4AB1000-memory.dmp
    Filesize

    68KB

    Download
  • memory/1104-98-0x000007FEF4A80000-0x000007FEF4A96000-memory.dmp
    Filesize

    88KB

    Download
  • memory/1104-99-0x000007FEF4A60000-0x000007FEF4A75000-memory.dmp
    Filesize

    84KB

    Download
  • memory/1104-101-0x000007FEF4700000-0x000007FEF4712000-memory.dmp
    Filesize

    72KB

    Download
  • memory/1104-107-0x000007FEF44E0000-0x000007FEF44F1000-memory.dmp
    Filesize

    68KB

    Download
  • memory/1104-106-0x000007FEF4500000-0x000007FEF4511000-memory.dmp
    Filesize

    68KB

    Download
  • memory/1104-108-0x000007FEF44C0000-0x000007FEF44D6000-memory.dmp
    Filesize

    88KB

    Download
  • memory/1104-105-0x000007FEF4520000-0x000007FEF4531000-memory.dmp
    Filesize

    68KB

    Download
  • memory/1104-104-0x000007FEF4540000-0x000007FEF4554000-memory.dmp
    Filesize

    80KB

    Download
  • memory/1104-103-0x000007FEF4560000-0x000007FEF4573000-memory.dmp
    Filesize

    76KB

    Download
  • memory/1104-102-0x000007FEF4580000-0x000007FEF46FA000-memory.dmp
    Filesize

    1.5MB

    Download
  • memory/1104-100-0x000007FEF4740000-0x000007FEF4751000-memory.dmp
    Filesize

    68KB

    Download
  • memory/1104-91-0x000007FEF4CB0000-0x000007FEF4CD1000-memory.dmp
    Filesize

    132KB

    Download
  • memory/1104-90-0x000007FEF4CE0000-0x000007FEF4CF2000-memory.dmp
    Filesize

    72KB

    Download
  • memory/1104-84-0x000007FEF4D60000-0x000007FEF4DB6000-memory.dmp
    Filesize

    344KB

    Download
  • memory/1104-81-0x000007FEF6580000-0x000007FEF65E7000-memory.dmp
    Filesize

    412KB

    Download