Overview

overview

3

Static

static

1

4k Video D...YZ.rar

windows7-x64

3

4k Video D...YZ.rar

windows10-2004-x64

3

Analysis

  • max time kernel
    587s
  • max time network
    379s
  • platform
    windows7_x64
  • resource
    win7-20231020-en
  • resource tags

    arch:x64arch:x86image:win7-20231020-enlocale:en-usos:windows7-x64system
  • submitted
    12/11/2023, 00:25

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    4k Video Downloader 4.28.0.5600 - XYZ.rar

  • Size

    174.3MB

  • MD5

    8c18f8a5c9b4fc5870eef1970e441d55

  • SHA1

    9ec3719006330108b7f19a5d72f19fa1de51893e

  • SHA256

    85b541461b8066b2d6740d438ab3fc35622ce614d974f7e559d77d2fd381b04d

  • SHA512

    10bddd72b7baffb9f91671836dc98141f02ae042e14f36e3b0f77768dfaed51f4f956a7d116cce210e6eba90322ff5917f1bad6050fa266a58bd0f0c67b45ae9

  • SSDEEP

    3145728:xibVNMxKYrVR1XujDH4a7aCSRQ56qoXdSITNM1S95pSnJN:UZNMxKYpaDp4W5QsIpM12KH

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Modifies registry class 1 IoCs
  • Suspicious behavior: AddClipboardFormatListener 1 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 9 IoCs
  • Suspicious use of SendNotifyMessage 8 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs
  • Suspicious use of WriteProcessMemory 6 IoCs

Processes

  • C:\Windows\system32\cmd.exe
    cmd /c "C:\Users\Admin\AppData\Local\Temp\4k Video Downloader 4.28.0.5600 - XYZ.rar"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2344
    • C:\Windows\system32\rundll32.exe
      "C:\Windows\system32\rundll32.exe" C:\Windows\system32\shell32.dll,OpenAs_RunDLL C:\Users\Admin\AppData\Local\Temp\4k Video Downloader 4.28.0.5600 - XYZ.rar
      2⤵
      • Modifies registry class
      • Suspicious use of WriteProcessMemory
      PID:2772
      • C:\Program Files\VideoLAN\VLC\vlc.exe
        "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file "C:\Users\Admin\AppData\Local\Temp\4k Video Downloader 4.28.0.5600 - XYZ.rar"
        3⤵
        • Suspicious behavior: AddClipboardFormatListener
        • Suspicious behavior: GetForegroundWindowSpam
        • Suspicious use of FindShellTrayWindow
        • Suspicious use of SendNotifyMessage
        • Suspicious use of SetWindowsHookEx
        PID:2816

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/2816-29-0x000000013FDF0000-0x000000013FEE8000-memory.dmp

    Filesize

    992KB

    Download

  • memory/2816-30-0x000007FEF7480000-0x000007FEF74B4000-memory.dmp

    Filesize

    208KB

    Download

  • memory/2816-31-0x000007FEF5AE0000-0x000007FEF5D94000-memory.dmp

    Filesize

    2.7MB

    Download

  • memory/2816-32-0x000007FEFB1C0000-0x000007FEFB1D8000-memory.dmp

    Filesize

    96KB

    Download

  • memory/2816-33-0x000007FEF67B0000-0x000007FEF67C7000-memory.dmp

    Filesize

    92KB

    Download

  • memory/2816-34-0x000007FEF6790000-0x000007FEF67A1000-memory.dmp

    Filesize

    68KB

    Download

  • memory/2816-35-0x000007FEF6770000-0x000007FEF6787000-memory.dmp

    Filesize

    92KB

    Download

  • memory/2816-36-0x000007FEF6290000-0x000007FEF62A1000-memory.dmp

    Filesize

    68KB

    Download

  • memory/2816-37-0x000007FEF6200000-0x000007FEF621D000-memory.dmp

    Filesize

    116KB

    Download

  • memory/2816-38-0x000007FEF61E0000-0x000007FEF61F1000-memory.dmp

    Filesize

    68KB

    Download

  • memory/2816-39-0x000007FEF58E0000-0x000007FEF5AE0000-memory.dmp

    Filesize

    2.0MB

    Download

  • memory/2816-40-0x000007FEF61A0000-0x000007FEF61DF000-memory.dmp

    Filesize

    252KB

    Download

  • memory/2816-41-0x000007FEF4830000-0x000007FEF58DB000-memory.dmp

    Filesize

    16.7MB

    Download

  • memory/2816-42-0x000007FEF6170000-0x000007FEF6191000-memory.dmp

    Filesize

    132KB

    Download

  • memory/2816-45-0x000007FEF6110000-0x000007FEF6121000-memory.dmp

    Filesize

    68KB

    Download

  • memory/2816-44-0x000007FEF6130000-0x000007FEF6141000-memory.dmp

    Filesize

    68KB

    Download

  • memory/2816-43-0x000007FEF6150000-0x000007FEF6168000-memory.dmp

    Filesize

    96KB

    Download

  • memory/2816-46-0x000007FEF4810000-0x000007FEF4821000-memory.dmp

    Filesize

    68KB

    Download

  • memory/2816-47-0x000007FEF47D0000-0x000007FEF47EB000-memory.dmp

    Filesize

    108KB

    Download

  • memory/2816-48-0x000007FEF47B0000-0x000007FEF47C1000-memory.dmp

    Filesize

    68KB

    Download

  • memory/2816-49-0x000007FEFAAD0000-0x000007FEFAAE8000-memory.dmp

    Filesize

    96KB

    Download

  • memory/2816-50-0x000007FEFAAA0000-0x000007FEFAAD0000-memory.dmp

    Filesize

    192KB

    Download

  • memory/2816-51-0x000007FEFAA30000-0x000007FEFAA97000-memory.dmp

    Filesize

    412KB

    Download

  • memory/2816-52-0x000007FEF4670000-0x000007FEF46DF000-memory.dmp

    Filesize

    444KB

    Download

  • memory/2816-53-0x000007FEF4650000-0x000007FEF4661000-memory.dmp

    Filesize

    68KB

    Download

  • memory/2816-56-0x000007FEF44F0000-0x000007FEF4514000-memory.dmp

    Filesize

    144KB

    Download

  • memory/2816-55-0x000007FEF45C0000-0x000007FEF45E8000-memory.dmp

    Filesize

    160KB

    Download

  • memory/2816-57-0x000007FEF44D0000-0x000007FEF44E7000-memory.dmp

    Filesize

    92KB

    Download

  • memory/2816-54-0x000007FEF45F0000-0x000007FEF4646000-memory.dmp

    Filesize

    344KB

    Download

  • memory/2816-58-0x000007FEF44A0000-0x000007FEF44C3000-memory.dmp

    Filesize

    140KB

    Download

  • memory/2816-59-0x000007FEF4480000-0x000007FEF4491000-memory.dmp

    Filesize

    68KB

    Download

  • memory/2816-60-0x000007FEF43D0000-0x000007FEF43E2000-memory.dmp

    Filesize

    72KB

    Download

  • memory/2816-61-0x000007FEF4450000-0x000007FEF4471000-memory.dmp

    Filesize

    132KB

    Download

  • memory/2816-62-0x000007FEF4430000-0x000007FEF4443000-memory.dmp

    Filesize

    76KB

    Download

  • memory/2816-63-0x000007FEF4410000-0x000007FEF4422000-memory.dmp

    Filesize

    72KB

    Download

  • memory/2816-64-0x000007FEF4290000-0x000007FEF43CB000-memory.dmp

    Filesize

    1.2MB

    Download

  • memory/2816-65-0x000007FEF4260000-0x000007FEF428C000-memory.dmp

    Filesize

    176KB

    Download

  • memory/2816-66-0x000007FEF40A0000-0x000007FEF4252000-memory.dmp

    Filesize

    1.7MB

    Download

  • memory/2816-68-0x000007FEF43F0000-0x000007FEF4401000-memory.dmp

    Filesize

    68KB

    Download

  • memory/2816-67-0x000007FEF3BD0000-0x000007FEF3C2C000-memory.dmp

    Filesize

    368KB

    Download

  • memory/2816-69-0x000007FEF3B30000-0x000007FEF3BC7000-memory.dmp

    Filesize

    604KB

    Download

  • memory/2816-70-0x000007FEF3B10000-0x000007FEF3B22000-memory.dmp

    Filesize

    72KB

    Download

  • memory/2816-71-0x000007FEF38D0000-0x000007FEF3B01000-memory.dmp

    Filesize

    2.2MB

    Download

  • memory/2816-72-0x000007FEF3670000-0x000007FEF3782000-memory.dmp

    Filesize

    1.1MB

    Download

  • memory/2816-73-0x000007FEF3400000-0x000007FEF3435000-memory.dmp

    Filesize

    212KB

    Download

  • memory/2816-74-0x000007FEF33D0000-0x000007FEF33F5000-memory.dmp

    Filesize

    148KB

    Download

  • memory/2816-75-0x000007FEF33B0000-0x000007FEF33C1000-memory.dmp

    Filesize

    68KB

    Download

  • memory/2816-76-0x000007FEF3340000-0x000007FEF33A1000-memory.dmp

    Filesize

    388KB

    Download

  • memory/2816-77-0x000007FEF2C30000-0x000007FEF2C41000-memory.dmp

    Filesize

    68KB

    Download

  • memory/2816-78-0x000007FEF2E30000-0x000007FEF2E42000-memory.dmp

    Filesize

    72KB

    Download

  • memory/2816-79-0x000007FEF2DD0000-0x000007FEF2DE3000-memory.dmp

    Filesize

    76KB

    Download

  • memory/2816-80-0x000007FEF2D30000-0x000007FEF2DCF000-memory.dmp

    Filesize

    636KB

    Download

  • memory/2816-81-0x000007FEF2CF0000-0x000007FEF2D01000-memory.dmp

    Filesize

    68KB

    Download

  • memory/2816-82-0x000007FEF2B20000-0x000007FEF2C22000-memory.dmp

    Filesize

    1.0MB

    Download

  • memory/2816-84-0x000007FEF2CB0000-0x000007FEF2CC1000-memory.dmp

    Filesize

    68KB

    Download

  • memory/2816-83-0x000007FEF2CD0000-0x000007FEF2CE1000-memory.dmp

    Filesize

    68KB

    Download

  • memory/2816-85-0x000007FEF2C90000-0x000007FEF2CA1000-memory.dmp

    Filesize

    68KB

    Download

  • memory/2816-86-0x000007FEF2C70000-0x000007FEF2C82000-memory.dmp

    Filesize

    72KB

    Download

  • memory/2816-87-0x000007FEF2C50000-0x000007FEF2C68000-memory.dmp

    Filesize

    96KB

    Download

  • memory/2816-88-0x000007FEF2900000-0x000007FEF2916000-memory.dmp

    Filesize

    88KB

    Download

  • memory/2816-89-0x000007FEF28D0000-0x000007FEF28F9000-memory.dmp

    Filesize

    164KB

    Download

  • memory/2816-90-0x000007FEF2B00000-0x000007FEF2B12000-memory.dmp

    Filesize

    72KB

    Download

  • memory/2816-91-0x000007FEF2AE0000-0x000007FEF2AF1000-memory.dmp

    Filesize

    68KB

    Download

  • memory/2816-92-0x000007FEF2AC0000-0x000007FEF2AD1000-memory.dmp

    Filesize

    68KB

    Download