ac0f683632e27a7ea2f6ee14c27e76073881842ed81cc6b961ac1f274515360a

Analysis

max time kernel
142s
max time network
130s
platform
windows7_x64
resource
win7-20230712-en
resource tags

arch:x64arch:x86image:win7-20230712-enlocale:en-usos:windows7-x64system
submitted
10/07/2023, 23:17

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

Sploot/Sploot/Sploot/audio/wetterslap.mp3
Size

5KB
MD5

9524179017c7fe30a0102a3952764c7d
SHA1

005a70d62f315da8fbfbcdf64e6ae666d7f0e3a6
SHA256

4ab3b0d7a3db24c202117c4107844f6c5b7eb69170eda3d7eeec68ba83db4758
SHA512

9743f5cf22726390c7c99d8b85496cd2187517bf524a2349dfba05f08014834a315cac9c9892dd6a20824034b791144e22f8aee104a7e7e53af62af404402f1f
SSDEEP

96:Cr1KgzPe18t9FoF13l4pQYZUSMmdAqu7EIykkUow2qH7Y5/wdACOdPyZUAG:068t9FoGuY3dAv7EIOZ6U5/wm3dPaG

Score

1^/10

Malware Config

Signatures

Suspicious behavior: AddClipboardFormatListener 1 IoCs

pid	Process
2608	vlc.exe

Suspicious behavior: GetForegroundWindowSpam 1 IoCs

pid	Process
2608	vlc.exe

Suspicious use of AdjustPrivilegeToken 2 IoCs

description	pid	Process
Token: 33	2608	vlc.exe
Token: SeIncBasePriorityPrivilege	2608	vlc.exe

Suspicious use of FindShellTrayWindow 9 IoCs

pid	Process
2608	vlc.exe
2608	vlc.exe
2608	vlc.exe
2608	vlc.exe
2608	vlc.exe
2608	vlc.exe
2608	vlc.exe
2608	vlc.exe
2608	vlc.exe

Suspicious use of SendNotifyMessage 8 IoCs

pid	Process
2608	vlc.exe
2608	vlc.exe
2608	vlc.exe
2608	vlc.exe
2608	vlc.exe
2608	vlc.exe
2608	vlc.exe
2608	vlc.exe

Suspicious use of SetWindowsHookEx 1 IoCs

pid	Process
2608	vlc.exe

C:\Program Files\VideoLAN\VLC\vlc.exe
"C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file "C:\Users\Admin\AppData\Local\Temp\Sploot\Sploot\Sploot\audio\wetterslap.mp3"
1⤵
- Suspicious behavior: AddClipboardFormatListener
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of SetWindowsHookEx
PID:2608

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/2608-60-0x000007FEFA9E0000-0x000007FEFAA14000-memory.dmp

Filesize
208KB

Download
memory/2608-59-0x000000013F8D0000-0x000000013F9C8000-memory.dmp

Filesize
992KB

Download
memory/2608-67-0x000007FEF7420000-0x000007FEF743D000-memory.dmp

Filesize
116KB

Download
memory/2608-66-0x000007FEF7440000-0x000007FEF7451000-memory.dmp

Filesize
68KB

Download
memory/2608-65-0x000007FEF7460000-0x000007FEF7477000-memory.dmp

Filesize
92KB

Download
memory/2608-64-0x000007FEFA640000-0x000007FEFA651000-memory.dmp

Filesize
68KB

Download
memory/2608-63-0x000007FEFA660000-0x000007FEFA677000-memory.dmp

Filesize
92KB

Download
memory/2608-62-0x000007FEFAC10000-0x000007FEFAC28000-memory.dmp

Filesize
96KB

Download
memory/2608-61-0x000007FEF5B40000-0x000007FEF5DF4000-memory.dmp

Filesize
2.7MB

Download
memory/2608-68-0x000007FEF7380000-0x000007FEF7391000-memory.dmp

Filesize
68KB

Download
memory/2608-69-0x000007FEF5940000-0x000007FEF5B40000-memory.dmp

Filesize
2.0MB

Download
memory/2608-70-0x000007FEF4890000-0x000007FEF593B000-memory.dmp

Filesize
16.7MB

Download
memory/2608-71-0x000007FEF7340000-0x000007FEF737F000-memory.dmp

Filesize
252KB

Download
memory/2608-72-0x000007FEF7310000-0x000007FEF7331000-memory.dmp

Filesize
132KB

Download
memory/2608-73-0x000007FEF6CF0000-0x000007FEF6D08000-memory.dmp

Filesize
96KB

Download
memory/2608-74-0x000007FEF6770000-0x000007FEF6781000-memory.dmp

Filesize
68KB

Download
memory/2608-75-0x000007FEF6750000-0x000007FEF6761000-memory.dmp

Filesize
68KB

Download
memory/2608-76-0x000007FEF6730000-0x000007FEF6741000-memory.dmp

Filesize
68KB

Download
memory/2608-77-0x000007FEF6710000-0x000007FEF672B000-memory.dmp

Filesize
108KB

Download
memory/2608-78-0x000007FEF62C0000-0x000007FEF62D1000-memory.dmp

Filesize
68KB

Download
memory/2608-79-0x000007FEF6260000-0x000007FEF6278000-memory.dmp

Filesize
96KB

Download
memory/2608-80-0x000007FEF6230000-0x000007FEF6260000-memory.dmp

Filesize
192KB

Download
memory/2608-81-0x000007FEF61C0000-0x000007FEF6227000-memory.dmp

Filesize
412KB

Download
memory/2608-82-0x000007FEF4820000-0x000007FEF488F000-memory.dmp

Filesize
444KB

Download
memory/2608-83-0x000007FEF61A0000-0x000007FEF61B1000-memory.dmp

Filesize
68KB

Download
memory/2608-84-0x000007FEF6180000-0x000007FEF6197000-memory.dmp

Filesize
92KB

Download
memory/2608-85-0x000007FEF4800000-0x000007FEF4811000-memory.dmp

Filesize
68KB

Download
memory/2608-86-0x000007FEF47A0000-0x000007FEF47F7000-memory.dmp

Filesize
348KB

Download
memory/2608-87-0x000007FEF4770000-0x000007FEF479F000-memory.dmp

Filesize
188KB

Download
memory/2608-88-0x000007FEF4750000-0x000007FEF4763000-memory.dmp

Filesize
76KB

Download
memory/2608-89-0x000007FEF4730000-0x000007FEF4741000-memory.dmp

Filesize
68KB

Download
memory/2608-90-0x000007FEF4660000-0x000007FEF4725000-memory.dmp

Filesize
788KB

Download
memory/2608-91-0x000007FEF4640000-0x000007FEF4652000-memory.dmp

Filesize
72KB

Download
memory/2608-92-0x000007FEF4620000-0x000007FEF4631000-memory.dmp

Filesize
68KB

Download
memory/2608-93-0x000007FEF4600000-0x000007FEF4614000-memory.dmp

Filesize
80KB

Download
memory/2608-94-0x000007FEF45E0000-0x000007FEF45F2000-memory.dmp

Filesize
72KB

Download
memory/2608-95-0x000007FEF45C0000-0x000007FEF45D4000-memory.dmp

Filesize
80KB

Download
memory/2608-96-0x000007FEF45A0000-0x000007FEF45BE000-memory.dmp

Filesize
120KB

Download
memory/2608-97-0x000007FEF4580000-0x000007FEF4596000-memory.dmp

Filesize
88KB

Download
memory/2608-98-0x000007FEF4560000-0x000007FEF4575000-memory.dmp

Filesize
84KB

Download
memory/2608-99-0x000007FEF4540000-0x000007FEF4554000-memory.dmp

Filesize
80KB

Download
memory/2608-100-0x000007FEF4510000-0x000007FEF453C000-memory.dmp

Filesize
176KB

Download
memory/2608-101-0x000007FEF44F0000-0x000007FEF4502000-memory.dmp

Filesize
72KB

Download
memory/2608-102-0x000007FEF44C0000-0x000007FEF44F0000-memory.dmp

Filesize
192KB

Download
memory/2608-103-0x000007FEF44A0000-0x000007FEF44B7000-memory.dmp

Filesize
92KB

Download
memory/2608-104-0x000007FEF2CF0000-0x000007FEF44A0000-memory.dmp

Filesize
23.7MB

Download
memory/2608-105-0x000007FEF2CD0000-0x000007FEF2CE1000-memory.dmp

Filesize
68KB

Download
memory/2608-106-0x000007FEF2CB0000-0x000007FEF2CC2000-memory.dmp

Filesize
72KB

Download
memory/2608-107-0x000007FEF2B30000-0x000007FEF2CA8000-memory.dmp

Filesize
1.5MB

Download
memory/2608-108-0x000007FEF2B10000-0x000007FEF2B27000-memory.dmp

Filesize
92KB

Download
memory/2608-110-0x000007FEF2A80000-0x000007FEF2AA8000-memory.dmp

Filesize
160KB

Download
memory/2608-109-0x000007FEF2AB0000-0x000007FEF2B06000-memory.dmp

Filesize
344KB

Download
memory/2608-111-0x000007FEF2A50000-0x000007FEF2A74000-memory.dmp

Filesize
144KB

Download
memory/2608-112-0x000007FEFAD20000-0x000007FEFAD30000-memory.dmp

Filesize
64KB

Download
memory/2608-113-0x000007FEF2A30000-0x000007FEF2A46000-memory.dmp

Filesize
88KB

Download
memory/2608-114-0x000007FEF29B0000-0x000007FEF2A25000-memory.dmp

Filesize
468KB

Download
memory/2608-115-0x000007FEF2940000-0x000007FEF29A2000-memory.dmp

Filesize
392KB

Download
memory/2608-116-0x000007FEF28D0000-0x000007FEF293D000-memory.dmp

Filesize
436KB

Download
memory/2608-117-0x000007FEF28B0000-0x000007FEF28C5000-memory.dmp

Filesize
84KB

Download
memory/2608-118-0x000007FEF2890000-0x000007FEF28A1000-memory.dmp

Filesize
68KB

Download
memory/2608-119-0x000007FEF2870000-0x000007FEF2882000-memory.dmp

Filesize
72KB

Download
memory/2608-121-0x000007FEF26D0000-0x000007FEF26E3000-memory.dmp

Filesize
76KB

Download
memory/2608-120-0x000007FEF26F0000-0x000007FEF286A000-memory.dmp

Filesize
1.5MB

Download
memory/2608-122-0x000007FEF26B0000-0x000007FEF26C4000-memory.dmp

Filesize
80KB

Download