bb384e8d3f767abae34e0f413d7f9d991202190f14389b681d5514f2d732e5ae

Analysis

max time kernel
199s
max time network
138s
platform
windows7_x64
resource
win7-20231020-en
resource tags

arch:x64arch:x86image:win7-20231020-enlocale:en-usos:windows7-x64system
submitted
02/11/2023, 22:44

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

mus_a2.ogg
Size

186KB
MD5

ee6282e61da71efdd1da75676044c0a1
SHA1

6caffe6d1838fb16138ed30f1f89890ac7e5df5b
SHA256

244ca709fe88618b2ae34a2767bdea7ea6b79df4f795b5f4fc00eab3c03e2ba7
SHA512

3f81d07e73c0dbda25c3af2440bcf1e25e1dcb568fd1c2d337d615ee833179053f5e7983048dd5db258a0116604abc27ee3919397939e3dad95c23ae0b983cec
SSDEEP

3072:aC7TTJRfpZ+Y1ZKJcawzcGvyNNoM9XAAnan0qEPqs39UXk4cM3gIL+7wDBHk/:LdRxZ+YKJcawzcNl9X7Ys3mUxIayBHk/

Score

1^/10

Malware Config

Signatures

Suspicious behavior: AddClipboardFormatListener 1 IoCs

pid	Process
2784	vlc.exe

Suspicious behavior: GetForegroundWindowSpam 1 IoCs

pid	Process
2784	vlc.exe

Suspicious use of AdjustPrivilegeToken 2 IoCs

description	pid	Process
Token: 33	2784	vlc.exe
Token: SeIncBasePriorityPrivilege	2784	vlc.exe

Suspicious use of FindShellTrayWindow 8 IoCs

pid	Process
2784	vlc.exe
2784	vlc.exe
2784	vlc.exe
2784	vlc.exe
2784	vlc.exe
2784	vlc.exe
2784	vlc.exe
2784	vlc.exe

Suspicious use of SendNotifyMessage 7 IoCs

pid	Process
2784	vlc.exe
2784	vlc.exe
2784	vlc.exe
2784	vlc.exe
2784	vlc.exe
2784	vlc.exe
2784	vlc.exe

Suspicious use of SetWindowsHookEx 1 IoCs

pid	Process
2784	vlc.exe

C:\Program Files\VideoLAN\VLC\vlc.exe
"C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file "C:\Users\Admin\AppData\Local\Temp\mus_a2.ogg"
1⤵
- Suspicious behavior: AddClipboardFormatListener
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of SetWindowsHookEx
PID:2784

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/2784-0-0x000000013F2D0000-0x000000013F3C8000-memory.dmp

Filesize
992KB

Download
memory/2784-6-0x000007FEF7080000-0x000007FEF70B4000-memory.dmp

Filesize
208KB

Download
memory/2784-7-0x000007FEF5D00000-0x000007FEF5FB4000-memory.dmp

Filesize
2.7MB

Download
memory/2784-10-0x000007FEFAD40000-0x000007FEFAD51000-memory.dmp

Filesize
68KB

Download
memory/2784-13-0x000007FEF7060000-0x000007FEF707D000-memory.dmp

Filesize
116KB

Download
memory/2784-14-0x000007FEF6A60000-0x000007FEF6A71000-memory.dmp

Filesize
68KB

Download
memory/2784-12-0x000007FEF75E0000-0x000007FEF75F1000-memory.dmp

Filesize
68KB

Download
memory/2784-11-0x000007FEFAB40000-0x000007FEFAB57000-memory.dmp

Filesize
92KB

Download
memory/2784-9-0x000007FEFB020000-0x000007FEFB037000-memory.dmp

Filesize
92KB

Download
memory/2784-8-0x000007FEFB860000-0x000007FEFB878000-memory.dmp

Filesize
96KB

Download
memory/2784-15-0x000007FEF5B00000-0x000007FEF5D00000-memory.dmp

Filesize
2.0MB

Download
memory/2784-17-0x000007FEF6420000-0x000007FEF6441000-memory.dmp

Filesize
132KB

Download
memory/2784-18-0x000007FEF6400000-0x000007FEF6418000-memory.dmp

Filesize
96KB

Download
memory/2784-16-0x000007FEF6450000-0x000007FEF648F000-memory.dmp

Filesize
252KB

Download
memory/2784-19-0x000007FEF4A50000-0x000007FEF5AFB000-memory.dmp

Filesize
16.7MB

Download
memory/2784-20-0x000007FEF6240000-0x000007FEF6251000-memory.dmp

Filesize
68KB

Download
memory/2784-21-0x000007FEF6220000-0x000007FEF6231000-memory.dmp

Filesize
68KB

Download
memory/2784-23-0x000007FEF61E0000-0x000007FEF61FB000-memory.dmp

Filesize
108KB

Download
memory/2784-25-0x000007FEF61A0000-0x000007FEF61B8000-memory.dmp

Filesize
96KB

Download
memory/2784-27-0x000007FEF49E0000-0x000007FEF4A47000-memory.dmp

Filesize
412KB

Download
memory/2784-26-0x000007FEF6120000-0x000007FEF6150000-memory.dmp

Filesize
192KB

Download
memory/2784-28-0x000007FEF4970000-0x000007FEF49DF000-memory.dmp

Filesize
444KB

Download
memory/2784-29-0x000007FEF6100000-0x000007FEF6111000-memory.dmp

Filesize
68KB

Download
memory/2784-30-0x000007FEF4910000-0x000007FEF496C000-memory.dmp

Filesize
368KB

Download
memory/2784-24-0x000007FEF61C0000-0x000007FEF61D1000-memory.dmp

Filesize
68KB

Download
memory/2784-22-0x000007FEF6200000-0x000007FEF6211000-memory.dmp

Filesize
68KB

Download
memory/2784-31-0x000007FEF4790000-0x000007FEF4908000-memory.dmp

Filesize
1.5MB

Download
memory/2784-32-0x000007FEF4770000-0x000007FEF4787000-memory.dmp

Filesize
92KB

Download
memory/2784-34-0x000007FEF4740000-0x000007FEF476F000-memory.dmp

Filesize
188KB

Download
memory/2784-35-0x000007FEF4720000-0x000007FEF4731000-memory.dmp

Filesize
68KB

Download
memory/2784-33-0x000007FEFB0B0000-0x000007FEFB0C0000-memory.dmp

Filesize
64KB

Download
memory/2784-36-0x000007FEF4700000-0x000007FEF4716000-memory.dmp

Filesize
88KB

Download
memory/2784-37-0x000007FEF4630000-0x000007FEF46F5000-memory.dmp

Filesize
788KB

Download
memory/2784-38-0x000007FEF4610000-0x000007FEF4625000-memory.dmp

Filesize
84KB

Download
memory/2784-53-0x000007FEF4A50000-0x000007FEF5AFB000-memory.dmp

Filesize
16.7MB

Download