Overview

overview

7

Static

static

7

ANGRY.ogg

windows7-x64

1

ANGRY.ogg

windows10-2004-x64

7

ANGRY_TEXT_BOX.ogg

windows7-x64

1

ANGRY_TEXT_BOX.ogg

windows10-2004-x64

7

Animation.json

windows7-x64

3

Animation.json

windows10-2004-x64

3

BF_Dialogue.png

windows7-x64

3

BF_Dialogue.png

windows10-2004-x64

3

BF_Dialogue.xml

windows7-x64

1

BF_Dialogue.xml

windows10-2004-x64

1

BOYFRIEND.png

windows7-x64

3

BOYFRIEND.png

windows10-2004-x64

3

BOYFRIEND.xml

windows7-x64

1

BOYFRIEND.xml

windows10-2004-x64

1

BOYFRIEND_DEAD.png

windows7-x64

3

BOYFRIEND_DEAD.png

windows10-2004-x64

3

BOYFRIEND_DEAD.xml

windows7-x64

1

BOYFRIEND_DEAD.xml

windows10-2004-x64

1

DADDY_DEAREST.png

windows7-x64

3

DADDY_DEAREST.png

windows10-2004-x64

3

DADDY_DEAREST.xml

windows7-x64

1

DADDY_DEAREST.xml

windows10-2004-x64

1

DISTORTO.ogg

windows7-x64

1

DISTORTO.ogg

windows10-2004-x64

7

GF_1.ogg

windows7-x64

1

GF_1.ogg

windows10-2004-x64

7

GF_2.ogg

windows7-x64

1

GF_2.ogg

windows10-2004-x64

7

GF_3.ogg

windows7-x64

1

GF_3.ogg

windows10-2004-x64

7

GF_4.ogg

windows7-x64

1

GF_4.ogg

windows10-2004-x64

7

Analysis

  • max time kernel
    142s
  • max time network
    158s
  • platform
    windows7_x64
  • resource
    win7-20231020-es
  • resource tags

    arch:x64arch:x86image:win7-20231020-eslocale:es-esos:windows7-x64systemwindows
  • submitted
    07/11/2023, 13:42

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    GF_2.ogg

  • Size

    8KB

  • MD5

    bfcebbd1acbb5af15dbd38556a0711ae

  • SHA1

    f2fd464a72166d4951791111fdcb62e90de0b3f9

  • SHA256

    0e3c528e6dda75a4ca6593c090e6f02e941696c8daebeb38a25612e35c6697ee

  • SHA512

    7f48b732454f7efbab8584159afd9112897a145f5c99960eb0e4633605a38d2452f7228c81d6c162a32654098d7cf1425789a91713eb1edf00edad4dca93673d

  • SSDEEP

    192:+/ttxOIOWOKxCPs4OLgd9jW5MyjqAYetJiY4YMdqKZ8m4JriGnEjz:+/tDzCPxO1qAdJiZNMKGU/

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: AddClipboardFormatListener 1 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of AdjustPrivilegeToken 2 IoCs
  • Suspicious use of FindShellTrayWindow 9 IoCs
  • Suspicious use of SendNotifyMessage 8 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Program Files\VideoLAN\VLC\vlc.exe
    "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file "C:\Users\Admin\AppData\Local\Temp\GF_2.ogg"
    1⤵
    • Suspicious behavior: AddClipboardFormatListener
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    • Suspicious use of SetWindowsHookEx
    PID:2160

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • memory/2160-5-0x000000013F080000-0x000000013F178000-memory.dmp

          Filesize

          992KB

          Download

        • memory/2160-6-0x000007FEFA890000-0x000007FEFA8C4000-memory.dmp

          Filesize

          208KB

          Download

        • memory/2160-7-0x000007FEF5C10000-0x000007FEF5EC4000-memory.dmp

          Filesize

          2.7MB

          Download

        • memory/2160-8-0x000007FEFB250000-0x000007FEFB268000-memory.dmp

          Filesize

          96KB

          Download

        • memory/2160-9-0x000007FEFA900000-0x000007FEFA917000-memory.dmp

          Filesize

          92KB

          Download

        • memory/2160-10-0x000007FEFA410000-0x000007FEFA421000-memory.dmp

          Filesize

          68KB

          Download

        • memory/2160-12-0x000007FEFA3D0000-0x000007FEFA3E1000-memory.dmp

          Filesize

          68KB

          Download

        • memory/2160-11-0x000007FEFA3F0000-0x000007FEFA407000-memory.dmp

          Filesize

          92KB

          Download

        • memory/2160-13-0x000007FEF7460000-0x000007FEF747D000-memory.dmp

          Filesize

          116KB

          Download

        • memory/2160-14-0x000007FEF7330000-0x000007FEF7341000-memory.dmp

          Filesize

          68KB

          Download

        • memory/2160-15-0x000007FEF49A0000-0x000007FEF5A4B000-memory.dmp

          Filesize

          16.7MB

          Download

        • memory/2160-16-0x000007FEF47A0000-0x000007FEF49A0000-memory.dmp

          Filesize

          2.0MB

          Download

        • memory/2160-17-0x000007FEF7150000-0x000007FEF718F000-memory.dmp

          Filesize

          252KB

          Download

        • memory/2160-18-0x000007FEF7120000-0x000007FEF7141000-memory.dmp

          Filesize

          132KB

          Download

        • memory/2160-19-0x000007FEF7100000-0x000007FEF7118000-memory.dmp

          Filesize

          96KB

          Download

        • memory/2160-20-0x000007FEF70E0000-0x000007FEF70F1000-memory.dmp

          Filesize

          68KB

          Download

        • memory/2160-21-0x000007FEF70C0000-0x000007FEF70D1000-memory.dmp

          Filesize

          68KB

          Download

        • memory/2160-22-0x000007FEF70A0000-0x000007FEF70B1000-memory.dmp

          Filesize

          68KB

          Download

        • memory/2160-23-0x000007FEF6B00000-0x000007FEF6B1B000-memory.dmp

          Filesize

          108KB

          Download

        • memory/2160-24-0x000007FEF6AE0000-0x000007FEF6AF1000-memory.dmp

          Filesize

          68KB

          Download

        • memory/2160-27-0x000007FEF64B0000-0x000007FEF6517000-memory.dmp

          Filesize

          412KB

          Download

        • memory/2160-26-0x000007FEF6A90000-0x000007FEF6AC0000-memory.dmp

          Filesize

          192KB

          Download

        • memory/2160-25-0x000007FEF6AC0000-0x000007FEF6AD8000-memory.dmp

          Filesize

          96KB

          Download

        • memory/2160-28-0x000007FEF4730000-0x000007FEF479F000-memory.dmp

          Filesize

          444KB

          Download

        • memory/2160-29-0x000007FEF6490000-0x000007FEF64A1000-memory.dmp

          Filesize

          68KB

          Download

        • memory/2160-30-0x000007FEF46D0000-0x000007FEF472C000-memory.dmp

          Filesize

          368KB

          Download

        • memory/2160-31-0x000007FEF4550000-0x000007FEF46C8000-memory.dmp

          Filesize

          1.5MB

          Download

        • memory/2160-33-0x000007FEFA9D0000-0x000007FEFA9E0000-memory.dmp

          Filesize

          64KB

          Download

        • memory/2160-32-0x000007FEF5BF0000-0x000007FEF5C07000-memory.dmp

          Filesize

          92KB

          Download

        • memory/2160-34-0x000007FEF4520000-0x000007FEF454F000-memory.dmp

          Filesize

          188KB

          Download

        • memory/2160-35-0x000007FEF5BD0000-0x000007FEF5BE1000-memory.dmp

          Filesize

          68KB

          Download

        • memory/2160-36-0x000007FEF4500000-0x000007FEF4516000-memory.dmp

          Filesize

          88KB

          Download

        • memory/2160-37-0x000007FEF4430000-0x000007FEF44F5000-memory.dmp

          Filesize

          788KB

          Download

        • memory/2160-38-0x000007FEF4410000-0x000007FEF4425000-memory.dmp

          Filesize

          84KB

          Download

        • memory/2160-39-0x000007FEF43D0000-0x000007FEF43E1000-memory.dmp

          Filesize

          68KB

          Download

        • memory/2160-40-0x000007FEF43B0000-0x000007FEF43C2000-memory.dmp

          Filesize

          72KB

          Download

        • memory/2160-41-0x000007FEF4230000-0x000007FEF43AA000-memory.dmp

          Filesize

          1.5MB

          Download