4b6419a46d9acb50c0831be1dcb0e73e646b5a1e7193ec3340fd7f8ab1e46d1e

Analysis

max time kernel
143s
max time network
77s
platform
windows7_x64
resource
win7-20230712-en
resource tags

arch:x64arch:x86image:win7-20230712-enlocale:en-usos:windows7-x64system
submitted
31-07-2023 22:36

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

assets/sounds/GF_2.ogg
Size

8KB
MD5

bfcebbd1acbb5af15dbd38556a0711ae
SHA1

f2fd464a72166d4951791111fdcb62e90de0b3f9
SHA256

0e3c528e6dda75a4ca6593c090e6f02e941696c8daebeb38a25612e35c6697ee
SHA512

7f48b732454f7efbab8584159afd9112897a145f5c99960eb0e4633605a38d2452f7228c81d6c162a32654098d7cf1425789a91713eb1edf00edad4dca93673d
SSDEEP

192:+/ttxOIOWOKxCPs4OLgd9jW5MyjqAYetJiY4YMdqKZ8m4JriGnEjz:+/tDzCPxO1qAdJiZNMKGU/

Score

1^/10

Malware Config

Signatures

Suspicious behavior: AddClipboardFormatListener 1 IoCs

pid	Process
1828	vlc.exe

Suspicious behavior: GetForegroundWindowSpam 1 IoCs

pid	Process
1828	vlc.exe

Suspicious use of AdjustPrivilegeToken 2 IoCs

description	pid	Process
Token: 33	1828	vlc.exe
Token: SeIncBasePriorityPrivilege	1828	vlc.exe

Suspicious use of FindShellTrayWindow 8 IoCs

pid	Process
1828	vlc.exe
1828	vlc.exe
1828	vlc.exe
1828	vlc.exe
1828	vlc.exe
1828	vlc.exe
1828	vlc.exe
1828	vlc.exe

Suspicious use of SendNotifyMessage 7 IoCs

pid	Process
1828	vlc.exe
1828	vlc.exe
1828	vlc.exe
1828	vlc.exe
1828	vlc.exe
1828	vlc.exe
1828	vlc.exe

Suspicious use of SetWindowsHookEx 1 IoCs

pid	Process
1828	vlc.exe

C:\Program Files\VideoLAN\VLC\vlc.exe
"C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file "C:\Users\Admin\AppData\Local\Temp\assets\sounds\GF_2.ogg"
1⤵
- Suspicious behavior: AddClipboardFormatListener
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of SetWindowsHookEx
PID:1828

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1828-59-0x000000013FB40000-0x000000013FC38000-memory.dmp

Filesize
992KB

Download
memory/1828-60-0x000007FEFB330000-0x000007FEFB364000-memory.dmp

Filesize
208KB

Download
memory/1828-61-0x000007FEF6380000-0x000007FEF6634000-memory.dmp

Filesize
2.7MB

Download
memory/1828-62-0x000007FEFBB90000-0x000007FEFBBA8000-memory.dmp

Filesize
96KB

Download
memory/1828-64-0x000007FEF7AB0000-0x000007FEF7AC1000-memory.dmp

Filesize
68KB

Download
memory/1828-63-0x000007FEF7AD0000-0x000007FEF7AE7000-memory.dmp

Filesize
92KB

Download
memory/1828-65-0x000007FEF7A90000-0x000007FEF7AA7000-memory.dmp

Filesize
92KB

Download
memory/1828-66-0x000007FEF7A70000-0x000007FEF7A81000-memory.dmp

Filesize
68KB

Download
memory/1828-67-0x000007FEF78B0000-0x000007FEF78CD000-memory.dmp

Filesize
116KB

Download
memory/1828-68-0x000007FEF7890000-0x000007FEF78A1000-memory.dmp

Filesize
68KB

Download
memory/1828-69-0x000007FEF6180000-0x000007FEF6380000-memory.dmp

Filesize
2.0MB

Download
memory/1828-70-0x000007FEF50D0000-0x000007FEF617B000-memory.dmp

Filesize
16.7MB

Download
memory/1828-72-0x000007FEF6D50000-0x000007FEF6D71000-memory.dmp

Filesize
132KB

Download
memory/1828-71-0x000007FEF72E0000-0x000007FEF731F000-memory.dmp

Filesize
252KB

Download
memory/1828-73-0x000007FEF6D30000-0x000007FEF6D48000-memory.dmp

Filesize
96KB

Download
memory/1828-74-0x000007FEF6D10000-0x000007FEF6D21000-memory.dmp

Filesize
68KB

Download
memory/1828-75-0x000007FEF6CF0000-0x000007FEF6D01000-memory.dmp

Filesize
68KB

Download
memory/1828-76-0x000007FEF50B0000-0x000007FEF50C1000-memory.dmp

Filesize
68KB

Download
memory/1828-77-0x000007FEF5090000-0x000007FEF50AB000-memory.dmp

Filesize
108KB

Download
memory/1828-78-0x000007FEF5070000-0x000007FEF5081000-memory.dmp

Filesize
68KB

Download
memory/1828-79-0x000007FEF5050000-0x000007FEF5068000-memory.dmp

Filesize
96KB

Download
memory/1828-80-0x000007FEF5020000-0x000007FEF5050000-memory.dmp

Filesize
192KB

Download
memory/1828-81-0x000007FEF4FB0000-0x000007FEF5017000-memory.dmp

Filesize
412KB

Download
memory/1828-82-0x000007FEF4F40000-0x000007FEF4FAF000-memory.dmp

Filesize
444KB

Download
memory/1828-83-0x000007FEF4F20000-0x000007FEF4F31000-memory.dmp

Filesize
68KB

Download
memory/1828-84-0x000007FEF4EC0000-0x000007FEF4F1C000-memory.dmp

Filesize
368KB

Download
memory/1828-85-0x000007FEF4D40000-0x000007FEF4EB8000-memory.dmp

Filesize
1.5MB

Download
memory/1828-86-0x000007FEF4D20000-0x000007FEF4D37000-memory.dmp

Filesize
92KB

Download
memory/1828-87-0x000007FEFB560000-0x000007FEFB570000-memory.dmp

Filesize
64KB

Download
memory/1828-88-0x000007FEF4CF0000-0x000007FEF4D1F000-memory.dmp

Filesize
188KB

Download
memory/1828-89-0x000007FEF4CD0000-0x000007FEF4CE1000-memory.dmp

Filesize
68KB

Download
memory/1828-90-0x000007FEF4CB0000-0x000007FEF4CC6000-memory.dmp

Filesize
88KB

Download
memory/1828-91-0x000007FEF4BE0000-0x000007FEF4CA5000-memory.dmp

Filesize
788KB

Download
memory/1828-92-0x000007FEF4BC0000-0x000007FEF4BD5000-memory.dmp

Filesize
84KB

Download
memory/1828-93-0x000007FEF4BA0000-0x000007FEF4BB1000-memory.dmp

Filesize
68KB

Download
memory/1828-94-0x000007FEF4B60000-0x000007FEF4B72000-memory.dmp

Filesize
72KB

Download
memory/1828-95-0x000007FEF49E0000-0x000007FEF4B5A000-memory.dmp

Filesize
1.5MB

Download