ac0f683632e27a7ea2f6ee14c27e76073881842ed81cc6b961ac1f274515360a

Analysis

max time kernel
142s
max time network
126s
platform
windows7_x64
resource
win7-20230712-en
resource tags

arch:x64arch:x86image:win7-20230712-enlocale:en-usos:windows7-x64system
submitted
10/07/2023, 23:17

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

Sploot/Sploot/Sploot/audio/coomdoompfast.mp3
Size

93KB
MD5

c4ce8c6d6f84d78a6665b55eff0224aa
SHA1

84a4b4c96453868dc7afcf9e2012e31670039c42
SHA256

cf5fe2ee630515169eaf6503f1b43a3084e14bc7a89fee19ae071446ca4fc772
SHA512

bb2c7b98369dae3e41ec71d3ac912af229bc5f8e115421f3581be2d01accd9580ecb391e32ea7a32eaa3f7d7b628b48bd1a9f0702f534eddb31292a676b7b8fc
SSDEEP

1536:lD9SNtNrPFb4yx+QUT1LwuOx1pO66Z/CsM2FKIhI0Gk:59ctBP+E+QUZkXTloC9Gyk

Score

1^/10

Malware Config

Signatures

Suspicious behavior: AddClipboardFormatListener 1 IoCs

pid	Process
2596	vlc.exe

Suspicious behavior: GetForegroundWindowSpam 1 IoCs

pid	Process
2596	vlc.exe

Suspicious use of AdjustPrivilegeToken 2 IoCs

description	pid	Process
Token: 33	2596	vlc.exe
Token: SeIncBasePriorityPrivilege	2596	vlc.exe

Suspicious use of FindShellTrayWindow 9 IoCs

pid	Process
2596	vlc.exe
2596	vlc.exe
2596	vlc.exe
2596	vlc.exe
2596	vlc.exe
2596	vlc.exe
2596	vlc.exe
2596	vlc.exe
2596	vlc.exe

Suspicious use of SendNotifyMessage 8 IoCs

pid	Process
2596	vlc.exe
2596	vlc.exe
2596	vlc.exe
2596	vlc.exe
2596	vlc.exe
2596	vlc.exe
2596	vlc.exe
2596	vlc.exe

Suspicious use of SetWindowsHookEx 1 IoCs

pid	Process
2596	vlc.exe

C:\Program Files\VideoLAN\VLC\vlc.exe
"C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file "C:\Users\Admin\AppData\Local\Temp\Sploot\Sploot\Sploot\audio\coomdoompfast.mp3"
1⤵
- Suspicious behavior: AddClipboardFormatListener
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of SetWindowsHookEx
PID:2596

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/2596-59-0x000000013FC80000-0x000000013FD78000-memory.dmp

Filesize
992KB

Download
memory/2596-60-0x000007FEFACD0000-0x000007FEFAD04000-memory.dmp

Filesize
208KB

Download
memory/2596-61-0x000007FEF60C0000-0x000007FEF6374000-memory.dmp

Filesize
2.7MB

Download
memory/2596-62-0x000007FEFBA50000-0x000007FEFBA68000-memory.dmp

Filesize
96KB

Download
memory/2596-63-0x000007FEFAFE0000-0x000007FEFAFF7000-memory.dmp

Filesize
92KB

Download
memory/2596-64-0x000007FEFAB50000-0x000007FEFAB61000-memory.dmp

Filesize
68KB

Download
memory/2596-65-0x000007FEFAB30000-0x000007FEFAB47000-memory.dmp

Filesize
92KB

Download
memory/2596-66-0x000007FEFAB10000-0x000007FEFAB21000-memory.dmp

Filesize
68KB

Download
memory/2596-67-0x000007FEFAAF0000-0x000007FEFAB0D000-memory.dmp

Filesize
116KB

Download
memory/2596-68-0x000007FEF7A20000-0x000007FEF7A31000-memory.dmp

Filesize
68KB

Download
memory/2596-69-0x000007FEF5EC0000-0x000007FEF60C0000-memory.dmp

Filesize
2.0MB

Download
memory/2596-70-0x000007FEF4E10000-0x000007FEF5EBB000-memory.dmp

Filesize
16.7MB

Download
memory/2596-72-0x000007FEF79B0000-0x000007FEF79D1000-memory.dmp

Filesize
132KB

Download
memory/2596-73-0x000007FEF7830000-0x000007FEF7848000-memory.dmp

Filesize
96KB

Download
memory/2596-71-0x000007FEF79E0000-0x000007FEF7A1F000-memory.dmp

Filesize
252KB

Download
memory/2596-75-0x000007FEF77F0000-0x000007FEF7801000-memory.dmp

Filesize
68KB

Download
memory/2596-74-0x000007FEF7810000-0x000007FEF7821000-memory.dmp

Filesize
68KB

Download
memory/2596-78-0x000007FEF7290000-0x000007FEF72A1000-memory.dmp

Filesize
68KB

Download
memory/2596-77-0x000007FEF72B0000-0x000007FEF72CB000-memory.dmp

Filesize
108KB

Download
memory/2596-76-0x000007FEF77D0000-0x000007FEF77E1000-memory.dmp

Filesize
68KB

Download
memory/2596-79-0x000007FEF7270000-0x000007FEF7288000-memory.dmp

Filesize
96KB

Download
memory/2596-80-0x000007FEF7240000-0x000007FEF7270000-memory.dmp

Filesize
192KB

Download
memory/2596-81-0x000007FEF6C60000-0x000007FEF6CC7000-memory.dmp

Filesize
412KB

Download
memory/2596-82-0x000007FEF67B0000-0x000007FEF681F000-memory.dmp

Filesize
444KB

Download
memory/2596-83-0x000007FEF6C40000-0x000007FEF6C51000-memory.dmp

Filesize
68KB

Download
memory/2596-84-0x000007FEF6790000-0x000007FEF67A7000-memory.dmp

Filesize
92KB

Download
memory/2596-85-0x000007FEF6770000-0x000007FEF6781000-memory.dmp

Filesize
68KB

Download
memory/2596-89-0x000007FEF4DC0000-0x000007FEF4DD1000-memory.dmp

Filesize
68KB

Download
memory/2596-88-0x000007FEF66F0000-0x000007FEF6703000-memory.dmp

Filesize
76KB

Download
memory/2596-87-0x000007FEF4DE0000-0x000007FEF4E0F000-memory.dmp

Filesize
188KB

Download
memory/2596-86-0x000007FEF6710000-0x000007FEF6767000-memory.dmp

Filesize
348KB

Download
memory/2596-94-0x000007FEF4C70000-0x000007FEF4C82000-memory.dmp

Filesize
72KB

Download
memory/2596-93-0x000007FEF4C90000-0x000007FEF4CA4000-memory.dmp

Filesize
80KB

Download
memory/2596-92-0x000007FEF4CB0000-0x000007FEF4CC1000-memory.dmp

Filesize
68KB

Download
memory/2596-91-0x000007FEF4CD0000-0x000007FEF4CE2000-memory.dmp

Filesize
72KB

Download
memory/2596-90-0x000007FEF4CF0000-0x000007FEF4DB5000-memory.dmp

Filesize
788KB

Download
memory/2596-95-0x000007FEF4C50000-0x000007FEF4C64000-memory.dmp

Filesize
80KB

Download
memory/2596-96-0x000007FEF4C30000-0x000007FEF4C4E000-memory.dmp

Filesize
120KB

Download
memory/2596-97-0x000007FEF4C10000-0x000007FEF4C26000-memory.dmp

Filesize
88KB

Download
memory/2596-102-0x000007FEF4B50000-0x000007FEF4B80000-memory.dmp

Filesize
192KB

Download
memory/2596-101-0x000007FEF4B80000-0x000007FEF4B92000-memory.dmp

Filesize
72KB

Download
memory/2596-100-0x000007FEF4BA0000-0x000007FEF4BCC000-memory.dmp

Filesize
176KB

Download
memory/2596-99-0x000007FEF4BD0000-0x000007FEF4BE4000-memory.dmp

Filesize
80KB

Download
memory/2596-98-0x000007FEF4BF0000-0x000007FEF4C05000-memory.dmp

Filesize
84KB

Download
memory/2596-103-0x000007FEF4B30000-0x000007FEF4B47000-memory.dmp

Filesize
92KB

Download
memory/2596-106-0x000007FEF3340000-0x000007FEF3352000-memory.dmp

Filesize
72KB

Download
memory/2596-105-0x000007FEF3360000-0x000007FEF3371000-memory.dmp

Filesize
68KB

Download
memory/2596-104-0x000007FEF3380000-0x000007FEF4B30000-memory.dmp

Filesize
23.7MB

Download
memory/2596-111-0x000007FEF30E0000-0x000007FEF3104000-memory.dmp

Filesize
144KB

Download
memory/2596-110-0x000007FEF3110000-0x000007FEF3138000-memory.dmp

Filesize
160KB

Download
memory/2596-109-0x000007FEF3140000-0x000007FEF3196000-memory.dmp

Filesize
344KB

Download
memory/2596-108-0x000007FEF31A0000-0x000007FEF31B7000-memory.dmp

Filesize
92KB

Download
memory/2596-107-0x000007FEF31C0000-0x000007FEF3338000-memory.dmp

Filesize
1.5MB

Download
memory/2596-112-0x000007FEFB120000-0x000007FEFB130000-memory.dmp

Filesize
64KB

Download
memory/2596-113-0x000007FEF30C0000-0x000007FEF30D6000-memory.dmp

Filesize
88KB

Download
memory/2596-115-0x000007FEF2FD0000-0x000007FEF3032000-memory.dmp

Filesize
392KB

Download
memory/2596-114-0x000007FEF3040000-0x000007FEF30B5000-memory.dmp

Filesize
468KB

Download
memory/2596-118-0x000007FEF2F00000-0x000007FEF2F11000-memory.dmp

Filesize
68KB

Download
memory/2596-117-0x000007FEF2F40000-0x000007FEF2F55000-memory.dmp

Filesize
84KB

Download
memory/2596-116-0x000007FEF2F60000-0x000007FEF2FCD000-memory.dmp

Filesize
436KB

Download
memory/2596-119-0x000007FEF2EE0000-0x000007FEF2EF2000-memory.dmp

Filesize
72KB

Download
memory/2596-120-0x000007FEF2D60000-0x000007FEF2EDA000-memory.dmp

Filesize
1.5MB

Download