ac0f683632e27a7ea2f6ee14c27e76073881842ed81cc6b961ac1f274515360a

Analysis

max time kernel
142s
max time network
127s
platform
windows7_x64
resource
win7-20230712-en
resource tags

arch:x64arch:x86image:win7-20230712-enlocale:en-usos:windows7-x64system
submitted
10-07-2023 23:17

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

Sploot/Sploot/Sploot/audio/wet.mp3
Size

3KB
MD5

7c6df5b89afe3ae7f11d348dac189de7
SHA1

af7029ab6ff1b2f37a81475d43e57e120479836a
SHA256

7f93d6d83f44f8e3a5193bd05872ea7c52fae0b3e615f28deb7d6656a8dc05fd
SHA512

cafed2395c7728721814a4dba6e1a0e6b35d06411b7a18eb0641d2a6f98d52beab1510d2ed430b7b5246e2c104a085fe6ed1decb0b7dc253f56372223fcba7e8

Score

1^/10

Malware Config

Signatures

Suspicious behavior: AddClipboardFormatListener 1 IoCs

pid	Process
2504	vlc.exe

Suspicious behavior: GetForegroundWindowSpam 1 IoCs

pid	Process
2504	vlc.exe

Suspicious use of AdjustPrivilegeToken 2 IoCs

description	pid	Process
Token: 33	2504	vlc.exe
Token: SeIncBasePriorityPrivilege	2504	vlc.exe

Suspicious use of FindShellTrayWindow 9 IoCs

pid	Process
2504	vlc.exe
2504	vlc.exe
2504	vlc.exe
2504	vlc.exe
2504	vlc.exe
2504	vlc.exe
2504	vlc.exe
2504	vlc.exe
2504	vlc.exe

Suspicious use of SendNotifyMessage 8 IoCs

pid	Process
2504	vlc.exe
2504	vlc.exe
2504	vlc.exe
2504	vlc.exe
2504	vlc.exe
2504	vlc.exe
2504	vlc.exe
2504	vlc.exe

Suspicious use of SetWindowsHookEx 1 IoCs

pid	Process
2504	vlc.exe

C:\Program Files\VideoLAN\VLC\vlc.exe
"C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file "C:\Users\Admin\AppData\Local\Temp\Sploot\Sploot\Sploot\audio\wet.mp3"
1⤵
- Suspicious behavior: AddClipboardFormatListener
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of SetWindowsHookEx
PID:2504

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/2504-59-0x000000013FD10000-0x000000013FE08000-memory.dmp

Filesize
992KB

Download
memory/2504-60-0x000007FEFA910000-0x000007FEFA944000-memory.dmp

Filesize
208KB

Download
memory/2504-61-0x000007FEF5D40000-0x000007FEF5FF4000-memory.dmp

Filesize
2.7MB

Download
memory/2504-62-0x000007FEFB750000-0x000007FEFB768000-memory.dmp

Filesize
96KB

Download
memory/2504-64-0x000007FEFAED0000-0x000007FEFAEE1000-memory.dmp

Filesize
68KB

Download
memory/2504-63-0x000007FEFAF20000-0x000007FEFAF37000-memory.dmp

Filesize
92KB

Download
memory/2504-65-0x000007FEF7B40000-0x000007FEF7B57000-memory.dmp

Filesize
92KB

Download
memory/2504-66-0x000007FEF7B20000-0x000007FEF7B31000-memory.dmp

Filesize
68KB

Download
memory/2504-67-0x000007FEF7B00000-0x000007FEF7B1D000-memory.dmp

Filesize
116KB

Download
memory/2504-68-0x000007FEF7AE0000-0x000007FEF7AF1000-memory.dmp

Filesize
68KB

Download
memory/2504-69-0x000007FEF4A50000-0x000007FEF5AFB000-memory.dmp

Filesize
16.7MB

Download
memory/2504-70-0x000007FEF4850000-0x000007FEF4A50000-memory.dmp

Filesize
2.0MB

Download
memory/2504-71-0x000007FEF7AA0000-0x000007FEF7ADF000-memory.dmp

Filesize
252KB

Download
memory/2504-72-0x000007FEF6FB0000-0x000007FEF6FD1000-memory.dmp

Filesize
132KB

Download
memory/2504-73-0x000007FEF6F90000-0x000007FEF6FA8000-memory.dmp

Filesize
96KB

Download
memory/2504-74-0x000007FEF6F70000-0x000007FEF6F81000-memory.dmp

Filesize
68KB

Download
memory/2504-75-0x000007FEF6F50000-0x000007FEF6F61000-memory.dmp

Filesize
68KB

Download
memory/2504-76-0x000007FEF69C0000-0x000007FEF69D1000-memory.dmp

Filesize
68KB

Download
memory/2504-80-0x000007FEF6500000-0x000007FEF6530000-memory.dmp

Filesize
192KB

Download
memory/2504-79-0x000007FEF6960000-0x000007FEF6978000-memory.dmp

Filesize
96KB

Download
memory/2504-78-0x000007FEF6980000-0x000007FEF6991000-memory.dmp

Filesize
68KB

Download
memory/2504-77-0x000007FEF69A0000-0x000007FEF69BB000-memory.dmp

Filesize
108KB

Download
memory/2504-81-0x000007FEF6410000-0x000007FEF6477000-memory.dmp

Filesize
412KB

Download
memory/2504-82-0x000007FEF63A0000-0x000007FEF640F000-memory.dmp

Filesize
444KB

Download
memory/2504-83-0x000007FEF64E0000-0x000007FEF64F1000-memory.dmp

Filesize
68KB

Download
memory/2504-84-0x000007FEF64C0000-0x000007FEF64D7000-memory.dmp

Filesize
92KB

Download
memory/2504-86-0x000007FEF5CE0000-0x000007FEF5D37000-memory.dmp

Filesize
348KB

Download
memory/2504-85-0x000007FEF6380000-0x000007FEF6391000-memory.dmp

Filesize
68KB

Download
memory/2504-88-0x000007FEF5C90000-0x000007FEF5CA3000-memory.dmp

Filesize
76KB

Download
memory/2504-87-0x000007FEF5CB0000-0x000007FEF5CDF000-memory.dmp

Filesize
188KB

Download
memory/2504-89-0x000007FEF5C70000-0x000007FEF5C81000-memory.dmp

Filesize
68KB

Download
memory/2504-92-0x000007FEF5B10000-0x000007FEF5B21000-memory.dmp

Filesize
68KB

Download
memory/2504-91-0x000007FEF5B30000-0x000007FEF5B42000-memory.dmp

Filesize
72KB

Download
memory/2504-90-0x000007FEF5BA0000-0x000007FEF5C65000-memory.dmp

Filesize
788KB

Download
memory/2504-93-0x000007FEF4830000-0x000007FEF4844000-memory.dmp

Filesize
80KB

Download
memory/2504-95-0x000007FEF47F0000-0x000007FEF4804000-memory.dmp

Filesize
80KB

Download
memory/2504-94-0x000007FEF4810000-0x000007FEF4822000-memory.dmp

Filesize
72KB

Download
memory/2504-97-0x000007FEF47B0000-0x000007FEF47C6000-memory.dmp

Filesize
88KB

Download
memory/2504-96-0x000007FEF47D0000-0x000007FEF47EE000-memory.dmp

Filesize
120KB

Download
memory/2504-98-0x000007FEF4790000-0x000007FEF47A5000-memory.dmp

Filesize
84KB

Download
memory/2504-99-0x000007FEF4770000-0x000007FEF4784000-memory.dmp

Filesize
80KB

Download
memory/2504-100-0x000007FEF4740000-0x000007FEF476C000-memory.dmp

Filesize
176KB

Download
memory/2504-101-0x000007FEF4720000-0x000007FEF4732000-memory.dmp

Filesize
72KB

Download
memory/2504-102-0x000007FEF46F0000-0x000007FEF4720000-memory.dmp

Filesize
192KB

Download
memory/2504-103-0x000007FEF46D0000-0x000007FEF46E7000-memory.dmp

Filesize
92KB

Download
memory/2504-104-0x000007FEF2F20000-0x000007FEF46D0000-memory.dmp

Filesize
23.7MB

Download
memory/2504-105-0x000007FEF2F00000-0x000007FEF2F11000-memory.dmp

Filesize
68KB

Download
memory/2504-106-0x000007FEF2EE0000-0x000007FEF2EF2000-memory.dmp

Filesize
72KB

Download
memory/2504-107-0x000007FEF2D60000-0x000007FEF2ED8000-memory.dmp

Filesize
1.5MB

Download
memory/2504-111-0x000007FEF2C80000-0x000007FEF2CA4000-memory.dmp

Filesize
144KB

Download
memory/2504-110-0x000007FEF2CB0000-0x000007FEF2CD8000-memory.dmp

Filesize
160KB

Download
memory/2504-109-0x000007FEF2CE0000-0x000007FEF2D36000-memory.dmp

Filesize
344KB

Download
memory/2504-108-0x000007FEF2D40000-0x000007FEF2D57000-memory.dmp

Filesize
92KB

Download
memory/2504-112-0x000007FEFAFA0000-0x000007FEFAFB0000-memory.dmp

Filesize
64KB

Download
memory/2504-113-0x000007FEF2C60000-0x000007FEF2C76000-memory.dmp

Filesize
88KB

Download
memory/2504-114-0x000007FEF2BE0000-0x000007FEF2C55000-memory.dmp

Filesize
468KB

Download
memory/2504-115-0x000007FEF2B70000-0x000007FEF2BD2000-memory.dmp

Filesize
392KB

Download
memory/2504-116-0x000007FEF2B00000-0x000007FEF2B6D000-memory.dmp

Filesize
436KB

Download
memory/2504-117-0x000007FEF2AE0000-0x000007FEF2AF5000-memory.dmp

Filesize
84KB

Download
memory/2504-118-0x000007FEF2AA0000-0x000007FEF2AB1000-memory.dmp

Filesize
68KB

Download
memory/2504-119-0x000007FEF2A80000-0x000007FEF2A92000-memory.dmp

Filesize
72KB

Download
memory/2504-120-0x000007FEF2900000-0x000007FEF2A7A000-memory.dmp

Filesize
1.5MB

Download
memory/2504-121-0x000007FEF28E0000-0x000007FEF28F3000-memory.dmp

Filesize
76KB

Download
memory/2504-122-0x000007FEF28C0000-0x000007FEF28D4000-memory.dmp

Filesize
80KB

Download