Overview

overview

10

Static

static

10

VideoCacheView.exe

windows7-x64

9

VideoCacheView.exe

windows10-2004-x64

9

Analysis

  • max time kernel
    145s
  • max time network
    118s
  • platform
    windows7_x64
  • resource
    win7-20231129-en
  • resource tags

    arch:x64arch:x86image:win7-20231129-enlocale:en-usos:windows7-x64system
  • submitted
    12-01-2024 16:10

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    VideoCacheView.exe

  • Size

    89KB

  • MD5

    516ba129eacf66b7fd335d8804cb6e56

  • SHA1

    840e4b77eaa5d0c80e5246e3bdc6a65a1735dfbb

  • SHA256

    a151280b4c3ae639d90b63520c649f43b710d4de31ed4ce6623f008d47dbf536

  • SHA512

    90d5f393497a5dda5f55b891f7b283058092b2e30f76b242c23bb553d42265859ccf66d8804b36d39770b0232bd65d1d285c873099a30419beb885be35dbd00c

  • SSDEEP

    1536:FtLlN3VAt99DDI6cEh517kbBrdTc3N9hrIcEm7oRHXjUBYQ+8iA3i1:T+3tDJhfyBrVSNvEc17C3jO3Dy

Score
9/10
spywarestealerupx

Malware Config

Signatures

  • Nirsoft 1 IoCs
  • Reads user/profile data of web browsers 2 TTPs

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer
  • UPX packed file 2 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Suspicious behavior: AddClipboardFormatListener 1 IoCs
  • Suspicious behavior: EnumeratesProcesses 1 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of AdjustPrivilegeToken 2 IoCs
  • Suspicious use of FindShellTrayWindow 9 IoCs
  • Suspicious use of SendNotifyMessage 8 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\VideoCacheView.exe
    "C:\Users\Admin\AppData\Local\Temp\VideoCacheView.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of AdjustPrivilegeToken
    PID:2324
  • C:\Program Files\VideoLAN\VLC\vlc.exe
    "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file "C:\Users\Admin\Desktop\PublishReset.M2T"
    1⤵
    • Suspicious behavior: AddClipboardFormatListener
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    • Suspicious use of SetWindowsHookEx
    PID:2376

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/2324-0-0x0000000000400000-0x0000000000432000-memory.dmp

    Filesize

    200KB

    Download

  • memory/2324-1-0x0000000000400000-0x0000000000432000-memory.dmp

    Filesize

    200KB

    Download

  • memory/2376-8-0x000000013FC70000-0x000000013FD68000-memory.dmp

    Filesize

    992KB

    Download

  • memory/2376-9-0x000007FEFB530000-0x000007FEFB564000-memory.dmp

    Filesize

    208KB

    Download

  • memory/2376-11-0x000007FEFBF70000-0x000007FEFBF88000-memory.dmp

    Filesize

    96KB

    Download

  • memory/2376-10-0x000007FEF65F0000-0x000007FEF68A4000-memory.dmp

    Filesize

    2.7MB

    Download

  • memory/2376-12-0x000007FEFBA80000-0x000007FEFBA97000-memory.dmp

    Filesize

    92KB

    Download

  • memory/2376-13-0x000007FEFB580000-0x000007FEFB591000-memory.dmp

    Filesize

    68KB

    Download

  • memory/2376-14-0x000007FEF7D90000-0x000007FEF7DA7000-memory.dmp

    Filesize

    92KB

    Download

  • memory/2376-15-0x000007FEF75F0000-0x000007FEF7601000-memory.dmp

    Filesize

    68KB

    Download

  • memory/2376-16-0x000007FEF75D0000-0x000007FEF75ED000-memory.dmp

    Filesize

    116KB

    Download

  • memory/2376-18-0x000007FEF63F0000-0x000007FEF65F0000-memory.dmp

    Filesize

    2.0MB

    Download

  • memory/2376-17-0x000007FEF75B0000-0x000007FEF75C1000-memory.dmp

    Filesize

    68KB

    Download

  • memory/2376-22-0x000007FEF7590000-0x000007FEF75A8000-memory.dmp

    Filesize

    96KB

    Download

  • memory/2376-33-0x000007FEF5170000-0x000007FEF51C6000-memory.dmp

    Filesize

    344KB

    Download

  • memory/2376-32-0x000007FEF51D0000-0x000007FEF51E1000-memory.dmp

    Filesize

    68KB

    Download

  • memory/2376-45-0x000007FEF4CE0000-0x000007FEF4E92000-memory.dmp

    Filesize

    1.7MB

    Download

  • memory/2376-54-0x000007FEF47B0000-0x000007FEF47C1000-memory.dmp

    Filesize

    68KB

    Download

  • memory/2376-69-0x000007FEF4400000-0x000007FEF4412000-memory.dmp

    Filesize

    72KB

    Download

  • memory/2376-68-0x000007FEF4420000-0x000007FEF4449000-memory.dmp

    Filesize

    164KB

    Download

  • memory/2376-67-0x000007FEF4450000-0x000007FEF4466000-memory.dmp

    Filesize

    88KB

    Download

  • memory/2376-66-0x000007FEF4470000-0x000007FEF4488000-memory.dmp

    Filesize

    96KB

    Download

  • memory/2376-65-0x000007FEF4490000-0x000007FEF44A2000-memory.dmp

    Filesize

    72KB

    Download

  • memory/2376-64-0x000007FEF44B0000-0x000007FEF44C1000-memory.dmp

    Filesize

    68KB

    Download

  • memory/2376-63-0x000007FEF44D0000-0x000007FEF44E1000-memory.dmp

    Filesize

    68KB

    Download

  • memory/2376-62-0x000007FEF44F0000-0x000007FEF4501000-memory.dmp

    Filesize

    68KB

    Download

  • memory/2376-61-0x000007FEF4510000-0x000007FEF4612000-memory.dmp

    Filesize

    1.0MB

    Download

  • memory/2376-60-0x000007FEF4620000-0x000007FEF4631000-memory.dmp

    Filesize

    68KB

    Download

  • memory/2376-59-0x000007FEF4640000-0x000007FEF46DF000-memory.dmp

    Filesize

    636KB

    Download

  • memory/2376-58-0x000007FEF46E0000-0x000007FEF46F3000-memory.dmp

    Filesize

    76KB

    Download

  • memory/2376-57-0x000007FEF4700000-0x000007FEF4712000-memory.dmp

    Filesize

    72KB

    Download

  • memory/2376-56-0x000007FEF4720000-0x000007FEF4731000-memory.dmp

    Filesize

    68KB

    Download

  • memory/2376-55-0x000007FEF4740000-0x000007FEF47A1000-memory.dmp

    Filesize

    388KB

    Download

  • memory/2376-53-0x000007FEF47D0000-0x000007FEF47F5000-memory.dmp

    Filesize

    148KB

    Download

  • memory/2376-52-0x000007FEF4800000-0x000007FEF4835000-memory.dmp

    Filesize

    212KB

    Download

  • memory/2376-51-0x000007FEF4840000-0x000007FEF4952000-memory.dmp

    Filesize

    1.1MB

    Download

  • memory/2376-50-0x000007FEF4960000-0x000007FEF4B91000-memory.dmp

    Filesize

    2.2MB

    Download

  • memory/2376-49-0x000007FEF4BA0000-0x000007FEF4BB2000-memory.dmp

    Filesize

    72KB

    Download

  • memory/2376-48-0x000007FEF4BC0000-0x000007FEF4C57000-memory.dmp

    Filesize

    604KB

    Download

  • memory/2376-47-0x000007FEF4C60000-0x000007FEF4C71000-memory.dmp

    Filesize

    68KB

    Download

  • memory/2376-46-0x000007FEF4C80000-0x000007FEF4CDC000-memory.dmp

    Filesize

    368KB

    Download

  • memory/2376-44-0x000007FEF4EA0000-0x000007FEF4ECC000-memory.dmp

    Filesize

    176KB

    Download

  • memory/2376-43-0x000007FEF4ED0000-0x000007FEF500B000-memory.dmp

    Filesize

    1.2MB

    Download

  • memory/2376-42-0x000007FEF5010000-0x000007FEF5022000-memory.dmp

    Filesize

    72KB

    Download

  • memory/2376-41-0x000007FEF5030000-0x000007FEF5043000-memory.dmp

    Filesize

    76KB

    Download

  • memory/2376-40-0x000007FEF5050000-0x000007FEF5071000-memory.dmp

    Filesize

    132KB

    Download

  • memory/2376-39-0x000007FEF5080000-0x000007FEF5092000-memory.dmp

    Filesize

    72KB

    Download

  • memory/2376-38-0x000007FEF50A0000-0x000007FEF50B1000-memory.dmp

    Filesize

    68KB

    Download

  • memory/2376-37-0x000007FEF50C0000-0x000007FEF50E3000-memory.dmp

    Filesize

    140KB

    Download

  • memory/2376-36-0x000007FEF50F0000-0x000007FEF5107000-memory.dmp

    Filesize

    92KB

    Download

  • memory/2376-35-0x000007FEF5110000-0x000007FEF5134000-memory.dmp

    Filesize

    144KB

    Download

  • memory/2376-34-0x000007FEF5140000-0x000007FEF5168000-memory.dmp

    Filesize

    160KB

    Download

  • memory/2376-31-0x000007FEF51F0000-0x000007FEF525F000-memory.dmp

    Filesize

    444KB

    Download

  • memory/2376-30-0x000007FEF5260000-0x000007FEF52C7000-memory.dmp

    Filesize

    412KB

    Download

  • memory/2376-29-0x000007FEF52D0000-0x000007FEF5300000-memory.dmp

    Filesize

    192KB

    Download

  • memory/2376-28-0x000007FEF5300000-0x000007FEF5318000-memory.dmp

    Filesize

    96KB

    Download

  • memory/2376-27-0x000007FEF5320000-0x000007FEF5331000-memory.dmp

    Filesize

    68KB

    Download

  • memory/2376-26-0x000007FEF6B50000-0x000007FEF6B6B000-memory.dmp

    Filesize

    108KB

    Download

  • memory/2376-25-0x000007FEF6B70000-0x000007FEF6B81000-memory.dmp

    Filesize

    68KB

    Download

  • memory/2376-24-0x000007FEF6B90000-0x000007FEF6BA1000-memory.dmp

    Filesize

    68KB

    Download

  • memory/2376-23-0x000007FEF6FD0000-0x000007FEF6FE1000-memory.dmp

    Filesize

    68KB

    Download

  • memory/2376-21-0x000007FEF6FF0000-0x000007FEF7011000-memory.dmp

    Filesize

    132KB

    Download

  • memory/2376-20-0x000007FEF7020000-0x000007FEF705F000-memory.dmp

    Filesize

    252KB

    Download

  • memory/2376-19-0x000007FEF5340000-0x000007FEF63EB000-memory.dmp

    Filesize

    16.7MB

    Download