Overview

overview

4

Static

static

1

vlc-3.0.3-win32.exe

windows7-x64

4

vlc-3.0.3-win32.exe

windows10-2004-x64

4

Analysis

  • max time kernel
    141s
  • max time network
    31s
  • platform
    windows7_x64
  • resource
    win7-20230621-en
  • resource tags

    arch:x64arch:x86image:win7-20230621-enlocale:en-usos:windows7-x64system
  • submitted
    21-06-2023 18:27

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    vlc-3.0.3-win32.exe

  • Size

    38.3MB

  • MD5

    1554d7e3382a5fb0b5499eea319a85df

  • SHA1

    66b568025ca2deb51f25464b6b1810860627c9dc

  • SHA256

    65bf42b15a05b13197e4dd6cdf181e39f30d47feb2cb6cc929db21cd634cd36f

  • SHA512

    ffc10319e161e613ac31169fc4ae051ab01c28790808df9f287dc5542504ca04182cd6a4ae926db7ea142f617f3a33f2ae0e7a02d088d0262cae6565d47ef4e3

  • SSDEEP

    786432:yy4oNOTN/cG/pJ97ha4zjcpU0OkWoLfZjqb007ZGZX2FpsVzCVLEaKZ51BFIDPUd:yy4oNOTN0G/pJF04sYebx70qJeCaK9Pb

Score
4/10

Malware Config

Signatures

  • Loads dropped DLL 3 IoCs
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\vlc-3.0.3-win32.exe
    "C:\Users\Admin\AppData\Local\Temp\vlc-3.0.3-win32.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious behavior: GetForegroundWindowSpam
    PID:2000

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • \Users\Admin\AppData\Local\Temp\nso37C6.tmp\LangDLL.dll
    Filesize

    7KB

    MD5

    27cf377d1533f78135bb36ff36b6359f

    SHA1

    8eda472e1cb83e67c1f118579ef01c1ad06d133a

    SHA256

    998d77553254e5bd11a4826a2bdc8549d0e28e9199db799b919bc6d15f8b0694

    SHA512

    f48e597f7d77bd03aa150927234a639c883d2937ee6b24a9f5bd13e70f2b609ae61301ef906ba2f5b047846d2f2818199f5bfb2457618709f2329bd5193d65c2

    Download Submit

  • \Users\Admin\AppData\Local\Temp\nso37C6.tmp\System.dll
    Filesize

    26KB

    MD5

    1fddcb352cab98f4bd46583dd6d71501

    SHA1

    ef7bd2afa119945527fb9e2bdca6024e7622cf55

    SHA256

    47e565ecd4e5523d6e4969f1108d6ba8894d2577b83e319fe4b53776a8ad5b5b

    SHA512

    ab5e6c586801bc5ea8914b4bf42823d3a619990b32eecba39195370175a74e3984c9c87e6b01add2670796079f5fe2e44910340dafc9b4a4b2950fee14ed928f

    Download Submit

  • \Users\Admin\AppData\Local\Temp\nso37C6.tmp\nsDialogs.dll
    Filesize

    11KB

    MD5

    30dcc81f69c5d1790671c05be0e93ec1

    SHA1

    9db43df563ed5144c0419534f47fad0af4c687c6

    SHA256

    d43a3ac1b2ddd073c9d20f4391c212cf092c469fdae80a8a632f478205d58b2d

    SHA512

    7b4019ef62840160c1b285214775a81074f14be4ed674a0dca11cca32a1b7156ef6aaadb85e96a4a34f52a89f473c7488a2116f9cadcb583286a1d352704411f

    Download Submit

  • memory/2000-72-0x00000000748F0000-0x00000000748FE000-memory.dmp

    Filesize

    56KB

    Download

  • memory/2000-71-0x0000000000400000-0x0000000000480000-memory.dmp

    Filesize

    512KB

    Download

  • memory/2000-73-0x00000000748E0000-0x00000000748EB000-memory.dmp

    Filesize

    44KB

    Download