4b6419a46d9acb50c0831be1dcb0e73e646b5a1e7193ec3340fd7f8ab1e46d1e

Analysis

max time kernel
143s
max time network
88s
platform
windows7_x64
resource
win7-20230712-en
resource tags

arch:x64arch:x86image:win7-20230712-enlocale:en-usos:windows7-x64system
submitted
31/07/2023, 22:36

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

assets/music/gameOver.ogg
Size

693KB
MD5

859bc2fd5c210d33a78c1f5cd91d3b0f
SHA1

aff6e7ed13d20b26710a101566ae1efa5976d34e
SHA256

0cb7c7c955aa1bfb6b78bda9e54b99de538946afd86ea310aabeb082f879e9b1
SHA512

206053af5b5e93fe3d7649f11e380fc3623a67646a126841bd7b7d0f558e0a92156ab87c157f3a247e0859cbd1750e2c2886409651779b13a84fd9886883d61e
SSDEEP

12288:lu8jPTVAB+ID/6i8CKvgFBEZf1MA7+g/ClEP2Jm9D6FPUDXV0kCapJHU3GzJ6:wMTVA9fRE/hKeP2cNeUR0hOpzo

Score

1^/10

Malware Config

Signatures

Suspicious behavior: AddClipboardFormatListener 1 IoCs

pid	Process
2440	vlc.exe

Suspicious behavior: GetForegroundWindowSpam 1 IoCs

pid	Process
2440	vlc.exe

Suspicious use of AdjustPrivilegeToken 2 IoCs

description	pid	Process
Token: 33	2440	vlc.exe
Token: SeIncBasePriorityPrivilege	2440	vlc.exe

Suspicious use of FindShellTrayWindow 8 IoCs

pid	Process
2440	vlc.exe
2440	vlc.exe
2440	vlc.exe
2440	vlc.exe
2440	vlc.exe
2440	vlc.exe
2440	vlc.exe
2440	vlc.exe

Suspicious use of SendNotifyMessage 7 IoCs

pid	Process
2440	vlc.exe
2440	vlc.exe
2440	vlc.exe
2440	vlc.exe
2440	vlc.exe
2440	vlc.exe
2440	vlc.exe

Suspicious use of SetWindowsHookEx 1 IoCs

pid	Process
2440	vlc.exe

C:\Program Files\VideoLAN\VLC\vlc.exe
"C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file "C:\Users\Admin\AppData\Local\Temp\assets\music\gameOver.ogg"
1⤵
- Suspicious behavior: AddClipboardFormatListener
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of SetWindowsHookEx
PID:2440

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/2440-59-0x000000013FDD0000-0x000000013FEC8000-memory.dmp

Filesize
992KB

Download
memory/2440-60-0x000007FEF7E80000-0x000007FEF7EB4000-memory.dmp

Filesize
208KB

Download
memory/2440-61-0x000007FEF67D0000-0x000007FEF6A84000-memory.dmp

Filesize
2.7MB

Download
memory/2440-62-0x000007FEFBB90000-0x000007FEFBBA8000-memory.dmp

Filesize
96KB

Download
memory/2440-64-0x000007FEFB7A0000-0x000007FEFB7B1000-memory.dmp

Filesize
68KB

Download
memory/2440-65-0x000007FEF7F70000-0x000007FEF7F87000-memory.dmp

Filesize
92KB

Download
memory/2440-67-0x000007FEF7D10000-0x000007FEF7D2D000-memory.dmp

Filesize
116KB

Download
memory/2440-66-0x000007FEF7D30000-0x000007FEF7D41000-memory.dmp

Filesize
68KB

Download
memory/2440-63-0x000007FEFB8A0000-0x000007FEFB8B7000-memory.dmp

Filesize
92KB

Download
memory/2440-68-0x000007FEF65D0000-0x000007FEF67D0000-memory.dmp

Filesize
2.0MB

Download
memory/2440-69-0x000007FEF7CF0000-0x000007FEF7D01000-memory.dmp

Filesize
68KB

Download
memory/2440-70-0x000007FEF7CB0000-0x000007FEF7CEF000-memory.dmp

Filesize
252KB

Download
memory/2440-71-0x000007FEF7160000-0x000007FEF7181000-memory.dmp

Filesize
132KB

Download
memory/2440-72-0x000007FEF7C90000-0x000007FEF7CA8000-memory.dmp

Filesize
96KB

Download
memory/2440-74-0x000007FEF7120000-0x000007FEF7131000-memory.dmp

Filesize
68KB

Download
memory/2440-73-0x000007FEF7140000-0x000007FEF7151000-memory.dmp

Filesize
68KB

Download
memory/2440-76-0x000007FEF7100000-0x000007FEF7111000-memory.dmp

Filesize
68KB

Download
memory/2440-78-0x000007FEF54E0000-0x000007FEF54F1000-memory.dmp

Filesize
68KB

Download
memory/2440-80-0x000007FEF5490000-0x000007FEF54C0000-memory.dmp

Filesize
192KB

Download
memory/2440-79-0x000007FEF54C0000-0x000007FEF54D8000-memory.dmp

Filesize
96KB

Download
memory/2440-81-0x000007FEF5420000-0x000007FEF5487000-memory.dmp

Filesize
412KB

Download
memory/2440-77-0x000007FEF5500000-0x000007FEF551B000-memory.dmp

Filesize
108KB

Download
memory/2440-82-0x000007FEF53B0000-0x000007FEF541F000-memory.dmp

Filesize
444KB

Download
memory/2440-75-0x000007FEF5520000-0x000007FEF65CB000-memory.dmp

Filesize
16.7MB

Download
memory/2440-83-0x000007FEF5390000-0x000007FEF53A1000-memory.dmp

Filesize
68KB

Download
memory/2440-84-0x000007FEF5330000-0x000007FEF538C000-memory.dmp

Filesize
368KB

Download
memory/2440-85-0x000007FEF51B0000-0x000007FEF5328000-memory.dmp

Filesize
1.5MB

Download
memory/2440-86-0x000007FEF5190000-0x000007FEF51A7000-memory.dmp

Filesize
92KB

Download
memory/2440-87-0x000007FEFB990000-0x000007FEFB9A0000-memory.dmp

Filesize
64KB

Download
memory/2440-88-0x000007FEF5160000-0x000007FEF518F000-memory.dmp

Filesize
188KB

Download
memory/2440-89-0x000007FEF5140000-0x000007FEF5151000-memory.dmp

Filesize
68KB

Download
memory/2440-90-0x000007FEF5120000-0x000007FEF5136000-memory.dmp

Filesize
88KB

Download
memory/2440-91-0x000007FEF5050000-0x000007FEF5115000-memory.dmp

Filesize
788KB

Download
memory/2440-93-0x000007FEF4FF0000-0x000007FEF5001000-memory.dmp

Filesize
68KB

Download
memory/2440-92-0x000007FEF5030000-0x000007FEF5045000-memory.dmp

Filesize
84KB

Download
memory/2440-94-0x000007FEF4FD0000-0x000007FEF4FE2000-memory.dmp

Filesize
72KB

Download
memory/2440-95-0x000007FEF4E50000-0x000007FEF4FCA000-memory.dmp

Filesize
1.5MB

Download
memory/2440-112-0x000007FEF5520000-0x000007FEF65CB000-memory.dmp

Filesize
16.7MB

Download