4b6419a46d9acb50c0831be1dcb0e73e646b5a1e7193ec3340fd7f8ab1e46d1e

Analysis

max time kernel
141s
max time network
105s
platform
windows7_x64
resource
win7-20230712-en
resource tags

arch:x64arch:x86image:win7-20230712-enlocale:en-usos:windows7-x64system
submitted
31-07-2023 22:36

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

assets/sounds/Lights_Shut_off.ogg
Size

54KB
MD5

4bbd83f50c175f7bf489cfc6be71e52b
SHA1

3febdc21fe88d1adc800d3cd2cf2fd89785606f4
SHA256

3787135c2c72607577572b915cfd04a32a7c44669fade5540cc876e8eda39c2b
SHA512

5f06bf945ced7f7014209c144f57372f9ea254221ab1e22fca0e373236bdaa05ae33cdd81c94c8f1807fe07d5a172b006810fc419a4b13294999591aab15d3be
SSDEEP

768:x4P0PLLGeWY6dEMFD6JB0yv80U3P5OBJsA0KX72/zVO/JFOcI6ioWJf8xQGj9/Ne:hdWQMQytIJsAVCrVqFOsWJfW/NJTCEiJ

Score

1^/10

Malware Config

Signatures

Suspicious behavior: AddClipboardFormatListener 1 IoCs

pid	Process
2848	vlc.exe

Suspicious behavior: GetForegroundWindowSpam 1 IoCs

pid	Process
2848	vlc.exe

Suspicious use of AdjustPrivilegeToken 2 IoCs

description	pid	Process
Token: 33	2848	vlc.exe
Token: SeIncBasePriorityPrivilege	2848	vlc.exe

Suspicious use of FindShellTrayWindow 9 IoCs

pid	Process
2848	vlc.exe
2848	vlc.exe
2848	vlc.exe
2848	vlc.exe
2848	vlc.exe
2848	vlc.exe
2848	vlc.exe
2848	vlc.exe
2848	vlc.exe

Suspicious use of SendNotifyMessage 8 IoCs

pid	Process
2848	vlc.exe
2848	vlc.exe
2848	vlc.exe
2848	vlc.exe
2848	vlc.exe
2848	vlc.exe
2848	vlc.exe
2848	vlc.exe

Suspicious use of SetWindowsHookEx 1 IoCs

pid	Process
2848	vlc.exe

C:\Program Files\VideoLAN\VLC\vlc.exe
"C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file "C:\Users\Admin\AppData\Local\Temp\assets\sounds\Lights_Shut_off.ogg"
1⤵
- Suspicious behavior: AddClipboardFormatListener
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of SetWindowsHookEx
PID:2848

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/2848-59-0x000000013FB70000-0x000000013FC68000-memory.dmp

Filesize
992KB

Download
memory/2848-60-0x000007FEF7C10000-0x000007FEF7C44000-memory.dmp

Filesize
208KB

Download
memory/2848-61-0x000007FEF6210000-0x000007FEF64C4000-memory.dmp

Filesize
2.7MB

Download
memory/2848-62-0x000007FEFB900000-0x000007FEFB918000-memory.dmp

Filesize
96KB

Download
memory/2848-63-0x000007FEFAC00000-0x000007FEFAC17000-memory.dmp

Filesize
92KB

Download
memory/2848-64-0x000007FEF6EE0000-0x000007FEF6EF1000-memory.dmp

Filesize
68KB

Download
memory/2848-65-0x000007FEF6EC0000-0x000007FEF6ED7000-memory.dmp

Filesize
92KB

Download
memory/2848-66-0x000007FEF6EA0000-0x000007FEF6EB1000-memory.dmp

Filesize
68KB

Download
memory/2848-67-0x000007FEF6A10000-0x000007FEF6A2D000-memory.dmp

Filesize
116KB

Download
memory/2848-68-0x000007FEF69F0000-0x000007FEF6A01000-memory.dmp

Filesize
68KB

Download
memory/2848-69-0x000007FEF5160000-0x000007FEF620B000-memory.dmp

Filesize
16.7MB

Download
memory/2848-70-0x000007FEF4F60000-0x000007FEF5160000-memory.dmp

Filesize
2.0MB

Download
memory/2848-71-0x000007FEF6910000-0x000007FEF694F000-memory.dmp

Filesize
252KB

Download
memory/2848-72-0x000007FEF69C0000-0x000007FEF69E1000-memory.dmp

Filesize
132KB

Download
memory/2848-73-0x000007FEF68F0000-0x000007FEF6908000-memory.dmp

Filesize
96KB

Download
memory/2848-74-0x000007FEF68D0000-0x000007FEF68E1000-memory.dmp

Filesize
68KB

Download
memory/2848-75-0x000007FEF68B0000-0x000007FEF68C1000-memory.dmp

Filesize
68KB

Download
memory/2848-76-0x000007FEF6890000-0x000007FEF68A1000-memory.dmp

Filesize
68KB

Download
memory/2848-77-0x000007FEF6870000-0x000007FEF688B000-memory.dmp

Filesize
108KB

Download
memory/2848-78-0x000007FEF6850000-0x000007FEF6861000-memory.dmp

Filesize
68KB

Download
memory/2848-79-0x000007FEF4F40000-0x000007FEF4F58000-memory.dmp

Filesize
96KB

Download
memory/2848-80-0x000007FEF4F10000-0x000007FEF4F40000-memory.dmp

Filesize
192KB

Download
memory/2848-81-0x000007FEF4EA0000-0x000007FEF4F07000-memory.dmp

Filesize
412KB

Download
memory/2848-84-0x000007FEF4DB0000-0x000007FEF4E0C000-memory.dmp

Filesize
368KB

Download
memory/2848-83-0x000007FEF4E10000-0x000007FEF4E21000-memory.dmp

Filesize
68KB

Download
memory/2848-82-0x000007FEF4E30000-0x000007FEF4E9F000-memory.dmp

Filesize
444KB

Download
memory/2848-85-0x000007FEF4C30000-0x000007FEF4DA8000-memory.dmp

Filesize
1.5MB

Download
memory/2848-86-0x000007FEF4C10000-0x000007FEF4C27000-memory.dmp

Filesize
92KB

Download
memory/2848-87-0x000007FEFABF0000-0x000007FEFAC00000-memory.dmp

Filesize
64KB

Download
memory/2848-88-0x000007FEF4BE0000-0x000007FEF4C0F000-memory.dmp

Filesize
188KB

Download
memory/2848-89-0x000007FEF4BC0000-0x000007FEF4BD1000-memory.dmp

Filesize
68KB

Download
memory/2848-90-0x000007FEF4BA0000-0x000007FEF4BB6000-memory.dmp

Filesize
88KB

Download
memory/2848-91-0x000007FEF4AD0000-0x000007FEF4B95000-memory.dmp

Filesize
788KB

Download
memory/2848-92-0x000007FEF4AB0000-0x000007FEF4AC5000-memory.dmp

Filesize
84KB

Download
memory/2848-93-0x000007FEF4A70000-0x000007FEF4A81000-memory.dmp

Filesize
68KB

Download
memory/2848-94-0x000007FEF4A50000-0x000007FEF4A62000-memory.dmp

Filesize
72KB

Download
memory/2848-95-0x000007FEF48D0000-0x000007FEF4A4A000-memory.dmp

Filesize
1.5MB

Download