61630adf63a47f6e53d2eba340dab6b060bf2d2787604dfe3058858a3609f0a6

Analysis

max time kernel
142s
max time network
134s
platform
windows7_x64
resource
win7-20231023-es
resource tags

arch:x64arch:x86image:win7-20231023-eslocale:es-esos:windows7-x64systemwindows
submitted
07/11/2023, 13:42

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

ANGRY.ogg
Size

5KB
MD5

c4dc8c1c11eb1c0ba21ad35e7a1623f5
SHA1

b0e6fda069030c211f44bb1b15141b7c227fc652
SHA256

6b6484915572386e41942517b519f308864cc6f91af862f6bcac7ad13536b6b2
SHA512

4f5879c9965a66c8103b61d2860cbde66f6d755d948e203c62080f4993201341e73f7804dc4e7aa9f1838ffcbb161c9bcde07826d423e653d9927eb46e04bdb8
SSDEEP

96:V/bBoqxPmBodq9y9W0WTFuTX7lq9CQOM6LcDYQXXllB:V/ttxOqdm9TTYlqgiUgXllB

Score

1^/10

Malware Config

Signatures

Suspicious behavior: AddClipboardFormatListener 1 IoCs

pid	Process
1124	vlc.exe

Suspicious behavior: GetForegroundWindowSpam 1 IoCs

pid	Process
1124	vlc.exe

Suspicious use of AdjustPrivilegeToken 2 IoCs

description	pid	Process
Token: 33	1124	vlc.exe
Token: SeIncBasePriorityPrivilege	1124	vlc.exe

Suspicious use of FindShellTrayWindow 8 IoCs

pid	Process
1124	vlc.exe
1124	vlc.exe
1124	vlc.exe
1124	vlc.exe
1124	vlc.exe
1124	vlc.exe
1124	vlc.exe
1124	vlc.exe

Suspicious use of SendNotifyMessage 7 IoCs

pid	Process
1124	vlc.exe
1124	vlc.exe
1124	vlc.exe
1124	vlc.exe
1124	vlc.exe
1124	vlc.exe
1124	vlc.exe

Suspicious use of SetWindowsHookEx 1 IoCs

pid	Process
1124	vlc.exe

C:\Program Files\VideoLAN\VLC\vlc.exe
"C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file "C:\Users\Admin\AppData\Local\Temp\ANGRY.ogg"
1⤵
- Suspicious behavior: AddClipboardFormatListener
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of SetWindowsHookEx
PID:1124

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1124-5-0x000000013F360000-0x000000013F458000-memory.dmp

Filesize
992KB

Download
memory/1124-6-0x000007FEFAD40000-0x000007FEFAD74000-memory.dmp

Filesize
208KB

Download
memory/1124-7-0x000007FEF5A90000-0x000007FEF5D44000-memory.dmp

Filesize
2.7MB

Download
memory/1124-8-0x000007FEFB780000-0x000007FEFB798000-memory.dmp

Filesize
96KB

Download
memory/1124-9-0x000007FEFAEE0000-0x000007FEFAEF7000-memory.dmp

Filesize
92KB

Download
memory/1124-10-0x000007FEFAE70000-0x000007FEFAE81000-memory.dmp

Filesize
68KB

Download
memory/1124-11-0x000007FEFAB60000-0x000007FEFAB77000-memory.dmp

Filesize
92KB

Download
memory/1124-12-0x000007FEF7790000-0x000007FEF77A1000-memory.dmp

Filesize
68KB

Download
memory/1124-13-0x000007FEF7770000-0x000007FEF778D000-memory.dmp

Filesize
116KB

Download
memory/1124-14-0x000007FEF7700000-0x000007FEF7711000-memory.dmp

Filesize
68KB

Download
memory/1124-15-0x000007FEF5890000-0x000007FEF5A90000-memory.dmp

Filesize
2.0MB

Download
memory/1124-16-0x000007FEF47E0000-0x000007FEF588B000-memory.dmp

Filesize
16.7MB

Download
memory/1124-17-0x000007FEF76C0000-0x000007FEF76FF000-memory.dmp

Filesize
252KB

Download
memory/1124-18-0x000007FEF7690000-0x000007FEF76B1000-memory.dmp

Filesize
132KB

Download
memory/1124-19-0x000007FEF7670000-0x000007FEF7688000-memory.dmp

Filesize
96KB

Download
memory/1124-20-0x000007FEF6910000-0x000007FEF6921000-memory.dmp

Filesize
68KB

Download
memory/1124-21-0x000007FEF68F0000-0x000007FEF6901000-memory.dmp

Filesize
68KB

Download
memory/1124-22-0x000007FEF68D0000-0x000007FEF68E1000-memory.dmp

Filesize
68KB

Download
memory/1124-23-0x000007FEF68B0000-0x000007FEF68CB000-memory.dmp

Filesize
108KB

Download
memory/1124-24-0x000007FEF6890000-0x000007FEF68A1000-memory.dmp

Filesize
68KB

Download
memory/1124-25-0x000007FEF6870000-0x000007FEF6888000-memory.dmp

Filesize
96KB

Download
memory/1124-26-0x000007FEF6840000-0x000007FEF6870000-memory.dmp

Filesize
192KB

Download
memory/1124-27-0x000007FEF67D0000-0x000007FEF6837000-memory.dmp

Filesize
412KB

Download
memory/1124-28-0x000007FEF6210000-0x000007FEF627F000-memory.dmp

Filesize
444KB

Download
memory/1124-29-0x000007FEF67B0000-0x000007FEF67C1000-memory.dmp

Filesize
68KB

Download
memory/1124-30-0x000007FEF6170000-0x000007FEF61CC000-memory.dmp

Filesize
368KB

Download
memory/1124-31-0x000007FEF4660000-0x000007FEF47D8000-memory.dmp

Filesize
1.5MB

Download
memory/1124-32-0x000007FEF6790000-0x000007FEF67A7000-memory.dmp

Filesize
92KB

Download
memory/1124-33-0x000007FEFAF20000-0x000007FEFAF30000-memory.dmp

Filesize
64KB

Download
memory/1124-34-0x000007FEF6140000-0x000007FEF616F000-memory.dmp

Filesize
188KB

Download
memory/1124-35-0x000007FEF6770000-0x000007FEF6781000-memory.dmp

Filesize
68KB

Download
memory/1124-36-0x000007FEF6120000-0x000007FEF6136000-memory.dmp

Filesize
88KB

Download
memory/1124-37-0x000007FEF4590000-0x000007FEF4655000-memory.dmp

Filesize
788KB

Download
memory/1124-38-0x000007FEF6100000-0x000007FEF6115000-memory.dmp

Filesize
84KB

Download
memory/1124-39-0x000007FEF60E0000-0x000007FEF60F1000-memory.dmp

Filesize
68KB

Download
memory/1124-40-0x000007FEF4570000-0x000007FEF4582000-memory.dmp

Filesize
72KB

Download
memory/1124-41-0x000007FEF43F0000-0x000007FEF456A000-memory.dmp

Filesize
1.5MB

Download
memory/1124-42-0x000007FEF43D0000-0x000007FEF43E3000-memory.dmp

Filesize
76KB

Download
memory/1124-44-0x000007FEF4390000-0x000007FEF43A1000-memory.dmp

Filesize
68KB

Download
memory/1124-43-0x000007FEF43B0000-0x000007FEF43C4000-memory.dmp

Filesize
80KB

Download
memory/1124-45-0x000007FEF4370000-0x000007FEF4381000-memory.dmp

Filesize
68KB

Download
memory/1124-46-0x000007FEF4350000-0x000007FEF4361000-memory.dmp

Filesize
68KB

Download