Overview

overview

7

Static

static

7

ItsOnFire.apk

android-9-x86

ItsOnFire.apk

android-10-x64

ItsOnFire.apk

android-11-x64

1

baseline.prof

windows7-x64

3

baseline.prof

windows10-2004-x64

3

baseline.profm

windows7-x64

3

baseline.profm

windows10-2004-x64

3

damageshelter.ogg

windows7-x64

1

damageshelter.ogg

windows10-2004-x64

7

invaderexplode.ogg

windows7-x64

1

invaderexplode.ogg

windows10-2004-x64

7

oh.ogg

windows7-x64

1

oh.ogg

windows10-2004-x64

7

playerexplode.ogg

windows7-x64

1

playerexplode.ogg

windows10-2004-x64

7

shoot.ogg

windows7-x64

1

shoot.ogg

windows10-2004-x64

7

uh.ogg

windows7-x64

1

uh.ogg

windows10-2004-x64

7

Analysis

  • max time kernel
    141s
  • max time network
    125s
  • platform
    windows7_x64
  • resource
    win7-20230831-en
  • resource tags

    arch:x64arch:x86image:win7-20230831-enlocale:en-usos:windows7-x64system
  • submitted
    04-10-2023 07:18

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    oh.ogg

  • Size

    10KB

  • MD5

    cfe9690ba3e211c18e62c72fd79eef19

  • SHA1

    7abe861a5152f09f9e787e82a1db82a1deac157b

  • SHA256

    18e02aec04c077843b0deee0ffffc2199d413da7e2058c5f121f65bfc184e8c2

  • SHA512

    1beb6ca6ee6026eff9cda637f0cf2694521de95056938d6f142f38d103610d227b1b3e2b13e05e5d1f5cd056d5de54bc86285746a46c613154612994bb98c6b8

  • SSDEEP

    192:umP9hVauKEoLHMb+Etefm0+7UXtztAzyTLu8:umVhmbwbxtm3Zyu

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: AddClipboardFormatListener 1 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of AdjustPrivilegeToken 2 IoCs
  • Suspicious use of FindShellTrayWindow 9 IoCs
  • Suspicious use of SendNotifyMessage 8 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Program Files\VideoLAN\VLC\vlc.exe
    "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file "C:\Users\Admin\AppData\Local\Temp\oh.ogg"
    1⤵
    • Suspicious behavior: AddClipboardFormatListener
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    • Suspicious use of SetWindowsHookEx
    PID:1952

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/1952-5-0x000000013FE20000-0x000000013FF18000-memory.dmp

    Filesize

    992KB

    Download

  • memory/1952-6-0x000007FEF7780000-0x000007FEF77B4000-memory.dmp

    Filesize

    208KB

    Download

  • memory/1952-7-0x000007FEF5DB0000-0x000007FEF6064000-memory.dmp

    Filesize

    2.7MB

    Download

  • memory/1952-8-0x000007FEFB4D0000-0x000007FEFB4E8000-memory.dmp

    Filesize

    96KB

    Download

  • memory/1952-9-0x000007FEF7830000-0x000007FEF7847000-memory.dmp

    Filesize

    92KB

    Download

  • memory/1952-10-0x000007FEF77F0000-0x000007FEF7801000-memory.dmp

    Filesize

    68KB

    Download

  • memory/1952-11-0x000007FEF7560000-0x000007FEF7577000-memory.dmp

    Filesize

    92KB

    Download

  • memory/1952-12-0x000007FEF6FA0000-0x000007FEF6FB1000-memory.dmp

    Filesize

    68KB

    Download

  • memory/1952-13-0x000007FEF6F80000-0x000007FEF6F9D000-memory.dmp

    Filesize

    116KB

    Download

  • memory/1952-14-0x000007FEF6B60000-0x000007FEF6B71000-memory.dmp

    Filesize

    68KB

    Download

  • memory/1952-15-0x000007FEF5BB0000-0x000007FEF5DB0000-memory.dmp

    Filesize

    2.0MB

    Download

  • memory/1952-16-0x000007FEF4B00000-0x000007FEF5BAB000-memory.dmp

    Filesize

    16.7MB

    Download

  • memory/1952-17-0x000007FEF6960000-0x000007FEF699F000-memory.dmp

    Filesize

    252KB

    Download

  • memory/1952-18-0x000007FEF6930000-0x000007FEF6951000-memory.dmp

    Filesize

    132KB

    Download

  • memory/1952-20-0x000007FEF6560000-0x000007FEF6571000-memory.dmp

    Filesize

    68KB

    Download

  • memory/1952-21-0x000007FEF6540000-0x000007FEF6551000-memory.dmp

    Filesize

    68KB

    Download

  • memory/1952-26-0x000007FEF6440000-0x000007FEF6470000-memory.dmp

    Filesize

    192KB

    Download

  • memory/1952-27-0x000007FEF4A90000-0x000007FEF4AF7000-memory.dmp

    Filesize

    412KB

    Download

  • memory/1952-25-0x000007FEF6470000-0x000007FEF6488000-memory.dmp

    Filesize

    96KB

    Download

  • memory/1952-24-0x000007FEF6490000-0x000007FEF64A1000-memory.dmp

    Filesize

    68KB

    Download

  • memory/1952-28-0x000007FEF4A20000-0x000007FEF4A8F000-memory.dmp

    Filesize

    444KB

    Download

  • memory/1952-23-0x000007FEF64B0000-0x000007FEF64CB000-memory.dmp

    Filesize

    108KB

    Download

  • memory/1952-29-0x000007FEF6420000-0x000007FEF6431000-memory.dmp

    Filesize

    68KB

    Download

  • memory/1952-22-0x000007FEF64D0000-0x000007FEF64E1000-memory.dmp

    Filesize

    68KB

    Download

  • memory/1952-19-0x000007FEF6580000-0x000007FEF6598000-memory.dmp

    Filesize

    96KB

    Download

  • memory/1952-30-0x000007FEF49C0000-0x000007FEF4A1C000-memory.dmp

    Filesize

    368KB

    Download

  • memory/1952-31-0x000007FEF4960000-0x000007FEF49B6000-memory.dmp

    Filesize

    344KB

    Download

  • memory/1952-32-0x000007FEF63F0000-0x000007FEF6418000-memory.dmp

    Filesize

    160KB

    Download

  • memory/1952-33-0x000007FEF4930000-0x000007FEF4954000-memory.dmp

    Filesize

    144KB

    Download

  • memory/1952-34-0x000007FEF4910000-0x000007FEF4927000-memory.dmp

    Filesize

    92KB

    Download

  • memory/1952-35-0x000007FEF48E0000-0x000007FEF4903000-memory.dmp

    Filesize

    140KB

    Download

  • memory/1952-36-0x000007FEF48C0000-0x000007FEF48D1000-memory.dmp

    Filesize

    68KB

    Download

  • memory/1952-37-0x000007FEF48A0000-0x000007FEF48B2000-memory.dmp

    Filesize

    72KB

    Download

  • memory/1952-38-0x000007FEF4870000-0x000007FEF4891000-memory.dmp

    Filesize

    132KB

    Download

  • memory/1952-39-0x000007FEF4850000-0x000007FEF4863000-memory.dmp

    Filesize

    76KB

    Download

  • memory/1952-40-0x000007FEF46D0000-0x000007FEF4848000-memory.dmp

    Filesize

    1.5MB

    Download

  • memory/1952-41-0x000007FEF46B0000-0x000007FEF46C7000-memory.dmp

    Filesize

    92KB

    Download

  • memory/1952-42-0x000007FEF77E0000-0x000007FEF77F0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/1952-43-0x000007FEF4680000-0x000007FEF46AF000-memory.dmp

    Filesize

    188KB

    Download

  • memory/1952-44-0x000007FEF4660000-0x000007FEF4671000-memory.dmp

    Filesize

    68KB

    Download

  • memory/1952-45-0x000007FEF4640000-0x000007FEF4656000-memory.dmp

    Filesize

    88KB

    Download

  • memory/1952-46-0x000007FEF4620000-0x000007FEF4635000-memory.dmp

    Filesize

    84KB

    Download

  • memory/1952-47-0x000007FEF4600000-0x000007FEF4611000-memory.dmp

    Filesize

    68KB

    Download

  • memory/1952-48-0x000007FEF45C0000-0x000007FEF45D2000-memory.dmp

    Filesize

    72KB

    Download

  • memory/1952-49-0x000007FEF4440000-0x000007FEF45BA000-memory.dmp

    Filesize

    1.5MB

    Download

  • memory/1952-50-0x000007FEF4420000-0x000007FEF4433000-memory.dmp

    Filesize

    76KB

    Download

  • memory/1952-51-0x000007FEF4400000-0x000007FEF4414000-memory.dmp

    Filesize

    80KB

    Download

  • memory/1952-52-0x000007FEF43E0000-0x000007FEF43F1000-memory.dmp

    Filesize

    68KB

    Download

  • memory/1952-53-0x000007FEF43C0000-0x000007FEF43D1000-memory.dmp

    Filesize

    68KB

    Download

  • memory/1952-54-0x000007FEF43A0000-0x000007FEF43B1000-memory.dmp

    Filesize

    68KB

    Download

  • memory/1952-55-0x000007FEF4380000-0x000007FEF4396000-memory.dmp

    Filesize

    88KB

    Download