ac0f683632e27a7ea2f6ee14c27e76073881842ed81cc6b961ac1f274515360a

Analysis

max time kernel
148s
max time network
130s
platform
windows7_x64
resource
win7-20230712-en
resource tags

arch:x64arch:x86image:win7-20230712-enlocale:en-usos:windows7-x64system
submitted
10/07/2023, 23:17

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

Sploot/Sploot/Sploot/audio/slap.mp3
Size

13KB
MD5

4a7e75c9fea7fb11deb7752322903c99
SHA1

de49e8045d686dc05b451ad808348fa48824f874
SHA256

41f8336f22b52fa5f01929361cd7977a7e6722614c4d578e2a52eccbb56b7472
SHA512

e2ecc49afd816b701d5eec012cd78bcfb7cbe6451790d17b71ee9009b049ff7d7c30e11621b20230ab1e9d155563fdf21f05eeb3abdbb1583e437c1a118d8909
SSDEEP

384:b+nstFunF5MUNJ0Vwy5xRlCzjRrx6K0poMysI:ustFkfP0V/Lel96ThI

Score

1^/10

Malware Config

Signatures

Suspicious behavior: AddClipboardFormatListener 1 IoCs

pid	Process
752	vlc.exe

Suspicious behavior: GetForegroundWindowSpam 1 IoCs

pid	Process
752	vlc.exe

Suspicious use of AdjustPrivilegeToken 2 IoCs

description	pid	Process
Token: 33	752	vlc.exe
Token: SeIncBasePriorityPrivilege	752	vlc.exe

Suspicious use of FindShellTrayWindow 10 IoCs

pid	Process
752	vlc.exe
752	vlc.exe
752	vlc.exe
752	vlc.exe
752	vlc.exe
752	vlc.exe
752	vlc.exe
752	vlc.exe
752	vlc.exe
752	vlc.exe

Suspicious use of SendNotifyMessage 9 IoCs

pid	Process
752	vlc.exe
752	vlc.exe
752	vlc.exe
752	vlc.exe
752	vlc.exe
752	vlc.exe
752	vlc.exe
752	vlc.exe
752	vlc.exe

Suspicious use of SetWindowsHookEx 1 IoCs

pid	Process
752	vlc.exe

C:\Program Files\VideoLAN\VLC\vlc.exe
"C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file "C:\Users\Admin\AppData\Local\Temp\Sploot\Sploot\Sploot\audio\slap.mp3"
1⤵
- Suspicious behavior: AddClipboardFormatListener
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of SetWindowsHookEx
PID:752

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/752-54-0x000000013F1B0000-0x000000013F2A8000-memory.dmp

Filesize
992KB

Download
memory/752-55-0x000007FEF7E50000-0x000007FEF7E84000-memory.dmp

Filesize
208KB

Download
memory/752-56-0x000007FEF66D0000-0x000007FEF6984000-memory.dmp

Filesize
2.7MB

Download
memory/752-57-0x000007FEFBA10000-0x000007FEFBA28000-memory.dmp

Filesize
96KB

Download
memory/752-58-0x000007FEFB7B0000-0x000007FEFB7C7000-memory.dmp

Filesize
92KB

Download
memory/752-59-0x000007FEFB6A0000-0x000007FEFB6B1000-memory.dmp

Filesize
68KB

Download
memory/752-60-0x000007FEF7E30000-0x000007FEF7E47000-memory.dmp

Filesize
92KB

Download
memory/752-61-0x000007FEF7E10000-0x000007FEF7E21000-memory.dmp

Filesize
68KB

Download
memory/752-62-0x000007FEF7C50000-0x000007FEF7C6D000-memory.dmp

Filesize
116KB

Download
memory/752-63-0x000007FEF7C30000-0x000007FEF7C41000-memory.dmp

Filesize
68KB

Download
memory/752-64-0x000007FEF64D0000-0x000007FEF66D0000-memory.dmp

Filesize
2.0MB

Download
memory/752-65-0x000007FEF5190000-0x000007FEF623B000-memory.dmp

Filesize
16.7MB

Download
memory/752-66-0x000007FEF7BF0000-0x000007FEF7C2F000-memory.dmp

Filesize
252KB

Download
memory/752-67-0x000007FEFB6C0000-0x000007FEFB6E1000-memory.dmp

Filesize
132KB

Download
memory/752-68-0x000007FEF7BD0000-0x000007FEF7BE8000-memory.dmp

Filesize
96KB

Download
memory/752-69-0x000007FEF7BB0000-0x000007FEF7BC1000-memory.dmp

Filesize
68KB

Download
memory/752-70-0x000007FEF7B90000-0x000007FEF7BA1000-memory.dmp

Filesize
68KB

Download
memory/752-71-0x000007FEF7070000-0x000007FEF7081000-memory.dmp

Filesize
68KB

Download
memory/752-73-0x000007FEF7030000-0x000007FEF7041000-memory.dmp

Filesize
68KB

Download
memory/752-72-0x000007FEF7050000-0x000007FEF706B000-memory.dmp

Filesize
108KB

Download
memory/752-74-0x000007FEF7010000-0x000007FEF7028000-memory.dmp

Filesize
96KB

Download
memory/752-75-0x000007FEF64A0000-0x000007FEF64D0000-memory.dmp

Filesize
192KB

Download
memory/752-76-0x000007FEF6430000-0x000007FEF6497000-memory.dmp

Filesize
412KB

Download
memory/752-84-0x000007FEF66D0000-0x000007FEF6984000-memory.dmp

Filesize
2.7MB

Download
memory/752-93-0x000007FEF5190000-0x000007FEF623B000-memory.dmp

Filesize
16.7MB

Download
memory/752-105-0x000007FEF63C0000-0x000007FEF642F000-memory.dmp

Filesize
444KB

Download
memory/752-106-0x000007FEF63A0000-0x000007FEF63B1000-memory.dmp

Filesize
68KB

Download
memory/752-108-0x000007FEF6320000-0x000007FEF6376000-memory.dmp

Filesize
344KB

Download
memory/752-107-0x000007FEF6380000-0x000007FEF6397000-memory.dmp

Filesize
92KB

Download
memory/752-109-0x000007FEF62F0000-0x000007FEF6318000-memory.dmp

Filesize
160KB

Download
memory/752-110-0x000007FEF62C0000-0x000007FEF62E4000-memory.dmp

Filesize
144KB

Download
memory/752-111-0x000007FEF6290000-0x000007FEF62B3000-memory.dmp

Filesize
140KB

Download
memory/752-112-0x000007FEF5170000-0x000007FEF5181000-memory.dmp

Filesize
68KB

Download
memory/752-113-0x000007FEF5150000-0x000007FEF5162000-memory.dmp

Filesize
72KB

Download
memory/752-114-0x000007FEF5120000-0x000007FEF5141000-memory.dmp

Filesize
132KB

Download
memory/752-115-0x000007FEF5100000-0x000007FEF5113000-memory.dmp

Filesize
76KB

Download
memory/752-116-0x000007FEF50E0000-0x000007FEF50F2000-memory.dmp

Filesize
72KB

Download
memory/752-118-0x000007FEF4F70000-0x000007FEF4F9C000-memory.dmp

Filesize
176KB

Download
memory/752-117-0x000007FEF4FA0000-0x000007FEF50DB000-memory.dmp

Filesize
1.2MB

Download
memory/752-119-0x000007FEF4DB0000-0x000007FEF4F62000-memory.dmp

Filesize
1.7MB

Download
memory/752-120-0x000007FEF4D50000-0x000007FEF4DAC000-memory.dmp

Filesize
368KB

Download
memory/752-121-0x000007FEF4D30000-0x000007FEF4D41000-memory.dmp

Filesize
68KB

Download
memory/752-122-0x000007FEF4C90000-0x000007FEF4D27000-memory.dmp

Filesize
604KB

Download