Overview

overview

7

Static

static

7

ANGRY.ogg

windows7-x64

1

ANGRY.ogg

windows10-2004-x64

7

ANGRY_TEXT_BOX.ogg

windows7-x64

1

ANGRY_TEXT_BOX.ogg

windows10-2004-x64

7

Animation.json

windows7-x64

3

Animation.json

windows10-2004-x64

3

BF_Dialogue.png

windows7-x64

3

BF_Dialogue.png

windows10-2004-x64

3

BF_Dialogue.xml

windows7-x64

1

BF_Dialogue.xml

windows10-2004-x64

1

BOYFRIEND.png

windows7-x64

3

BOYFRIEND.png

windows10-2004-x64

3

BOYFRIEND.xml

windows7-x64

1

BOYFRIEND.xml

windows10-2004-x64

1

BOYFRIEND_DEAD.png

windows7-x64

3

BOYFRIEND_DEAD.png

windows10-2004-x64

3

BOYFRIEND_DEAD.xml

windows7-x64

1

BOYFRIEND_DEAD.xml

windows10-2004-x64

1

DADDY_DEAREST.png

windows7-x64

3

DADDY_DEAREST.png

windows10-2004-x64

3

DADDY_DEAREST.xml

windows7-x64

1

DADDY_DEAREST.xml

windows10-2004-x64

1

DISTORTO.ogg

windows7-x64

1

DISTORTO.ogg

windows10-2004-x64

7

GF_1.ogg

windows7-x64

1

GF_1.ogg

windows10-2004-x64

7

GF_2.ogg

windows7-x64

1

GF_2.ogg

windows10-2004-x64

7

GF_3.ogg

windows7-x64

1

GF_3.ogg

windows10-2004-x64

7

GF_4.ogg

windows7-x64

1

GF_4.ogg

windows10-2004-x64

7

Analysis

  • max time kernel
    142s
  • max time network
    153s
  • platform
    windows7_x64
  • resource
    win7-20231025-es
  • resource tags

    arch:x64arch:x86image:win7-20231025-eslocale:es-esos:windows7-x64systemwindows
  • submitted
    07-11-2023 13:42

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    GF_3.ogg

  • Size

    9KB

  • MD5

    fca4215c4ba38bfdb8e602e3efccabbd

  • SHA1

    72d4a359ed6ae84a7bb3b21571429b3c8ad5e448

  • SHA256

    268000d82dc1086f19774f9d4da88c7c7d090cdde06ffd2ef3d9b8e09ee8532a

  • SHA512

    59b8958ff64b6ac3ff19f701282f220f3a6b5beef26cf70bedd230b65513ca8972fe04b47bda4a7c1c2b8e201dadd601767964965a207e9e918efe1321cded80

  • SSDEEP

    192:4cW/ttxOIOWOKxCPs4OLgKMGjHIgpS8DPEYl6HH4xkLhsjK1eDBslvyYqu:m/tDzCPDGIGPEu6n4KeDdYqu

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: AddClipboardFormatListener 1 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of AdjustPrivilegeToken 2 IoCs
  • Suspicious use of FindShellTrayWindow 8 IoCs
  • Suspicious use of SendNotifyMessage 7 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Program Files\VideoLAN\VLC\vlc.exe
    "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file "C:\Users\Admin\AppData\Local\Temp\GF_3.ogg"
    1⤵
    • Suspicious behavior: AddClipboardFormatListener
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    • Suspicious use of SetWindowsHookEx
    PID:1976

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/1976-5-0x000000013F3B0000-0x000000013F4A8000-memory.dmp

    Filesize

    992KB

    Download

  • memory/1976-6-0x000007FEFB490000-0x000007FEFB4C4000-memory.dmp

    Filesize

    208KB

    Download

  • memory/1976-7-0x000007FEF6500000-0x000007FEF67B4000-memory.dmp

    Filesize

    2.7MB

    Download

  • memory/1976-8-0x000007FEFBA60000-0x000007FEFBA78000-memory.dmp

    Filesize

    96KB

    Download

  • memory/1976-9-0x000007FEFB670000-0x000007FEFB687000-memory.dmp

    Filesize

    92KB

    Download

  • memory/1976-10-0x000007FEFB5A0000-0x000007FEFB5B1000-memory.dmp

    Filesize

    68KB

    Download

  • memory/1976-12-0x000007FEFB1C0000-0x000007FEFB1D1000-memory.dmp

    Filesize

    68KB

    Download

  • memory/1976-11-0x000007FEFB1E0000-0x000007FEFB1F7000-memory.dmp

    Filesize

    92KB

    Download

  • memory/1976-13-0x000007FEFB1A0000-0x000007FEFB1BD000-memory.dmp

    Filesize

    116KB

    Download

  • memory/1976-14-0x000007FEFB180000-0x000007FEFB191000-memory.dmp

    Filesize

    68KB

    Download

  • memory/1976-15-0x000007FEF6300000-0x000007FEF6500000-memory.dmp

    Filesize

    2.0MB

    Download

  • memory/1976-16-0x000007FEF5200000-0x000007FEF62AB000-memory.dmp

    Filesize

    16.7MB

    Download

  • memory/1976-17-0x000007FEF7CA0000-0x000007FEF7CDF000-memory.dmp

    Filesize

    252KB

    Download

  • memory/1976-18-0x000007FEF7C70000-0x000007FEF7C91000-memory.dmp

    Filesize

    132KB

    Download

  • memory/1976-19-0x000007FEF7E40000-0x000007FEF7E58000-memory.dmp

    Filesize

    96KB

    Download

  • memory/1976-20-0x000007FEF7C50000-0x000007FEF7C61000-memory.dmp

    Filesize

    68KB

    Download

  • memory/1976-22-0x000007FEF7C10000-0x000007FEF7C21000-memory.dmp

    Filesize

    68KB

    Download

  • memory/1976-21-0x000007FEF7C30000-0x000007FEF7C41000-memory.dmp

    Filesize

    68KB

    Download

  • memory/1976-23-0x000007FEF7BF0000-0x000007FEF7C0B000-memory.dmp

    Filesize

    108KB

    Download

  • memory/1976-24-0x000007FEF76D0000-0x000007FEF76E1000-memory.dmp

    Filesize

    68KB

    Download

  • memory/1976-25-0x000007FEF76B0000-0x000007FEF76C8000-memory.dmp

    Filesize

    96KB

    Download

  • memory/1976-26-0x000007FEF7680000-0x000007FEF76B0000-memory.dmp

    Filesize

    192KB

    Download

  • memory/1976-27-0x000007FEF7080000-0x000007FEF70E7000-memory.dmp

    Filesize

    412KB

    Download

  • memory/1976-28-0x000007FEF6BD0000-0x000007FEF6C3F000-memory.dmp

    Filesize

    444KB

    Download

  • memory/1976-29-0x000007FEF7660000-0x000007FEF7671000-memory.dmp

    Filesize

    68KB

    Download

  • memory/1976-30-0x000007FEF6B70000-0x000007FEF6BCC000-memory.dmp

    Filesize

    368KB

    Download

  • memory/1976-31-0x000007FEF5080000-0x000007FEF51F8000-memory.dmp

    Filesize

    1.5MB

    Download

  • memory/1976-32-0x000007FEF7060000-0x000007FEF7077000-memory.dmp

    Filesize

    92KB

    Download

  • memory/1976-33-0x000007FEFB6F0000-0x000007FEFB700000-memory.dmp

    Filesize

    64KB

    Download

  • memory/1976-34-0x000007FEF6B40000-0x000007FEF6B6F000-memory.dmp

    Filesize

    188KB

    Download

  • memory/1976-36-0x000007FEF5040000-0x000007FEF5056000-memory.dmp

    Filesize

    88KB

    Download

  • memory/1976-35-0x000007FEF5060000-0x000007FEF5071000-memory.dmp

    Filesize

    68KB

    Download

  • memory/1976-37-0x000007FEF4F70000-0x000007FEF5035000-memory.dmp

    Filesize

    788KB

    Download

  • memory/1976-38-0x000007FEF4F50000-0x000007FEF4F65000-memory.dmp

    Filesize

    84KB

    Download

  • memory/1976-39-0x000007FEF4F10000-0x000007FEF4F21000-memory.dmp

    Filesize

    68KB

    Download

  • memory/1976-40-0x000007FEF4EF0000-0x000007FEF4F02000-memory.dmp

    Filesize

    72KB

    Download

  • memory/1976-41-0x000007FEF4D70000-0x000007FEF4EEA000-memory.dmp

    Filesize

    1.5MB

    Download