Overview

overview

7

Static

static

3

QuietForestGame.rar

windows7-x64

3

QuietForestGame.rar

windows10-2004-x64

7

QuietForest.exe

windows7-x64

7

QuietForest.exe

windows10-2004-x64

7

$PLUGINSDI...ls.dll

windows7-x64

3

$PLUGINSDI...ls.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDIR/app-64.7z

windows7-x64

3

$PLUGINSDIR/app-64.7z

windows10-2004-x64

7

locales/pt-PT.pak

windows7-x64

3

locales/pt-PT.pak

windows10-2004-x64

3

locales/ro.pak

windows7-x64

3

locales/ro.pak

windows10-2004-x64

3

locales/ru.pak

windows7-x64

3

locales/ru.pak

windows10-2004-x64

3

locales/sk.pak

windows7-x64

3

locales/sk.pak

windows10-2004-x64

3

locales/sl.pak

windows7-x64

3

locales/sl.pak

windows10-2004-x64

3

locales/sr.pak

windows7-x64

3

locales/sr.pak

windows10-2004-x64

3

locales/sv.pak

windows7-x64

3

locales/sv.pak

windows10-2004-x64

3

locales/sw.pak

windows7-x64

3

locales/sw.pak

windows10-2004-x64

3

locales/ta.pak

windows7-x64

3

locales/ta.pak

windows10-2004-x64

3

locales/te.pak

windows7-x64

3

locales/te.pak

windows10-2004-x64

3

locales/th.pak

windows7-x64

3

locales/th.pak

windows10-2004-x64

3

Analysis

  • max time kernel
    1798s
  • max time network
    1561s
  • platform
    windows7_x64
  • resource
    win7-20231129-en
  • resource tags

    arch:x64arch:x86image:win7-20231129-enlocale:en-usos:windows7-x64system
  • submitted
    03-02-2024 00:54

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    QuietForestGame.rar

  • Size

    59.7MB

  • MD5

    dade874401dd5c4eb32685563a1c1549

  • SHA1

    b4f063159b9ea1f497b49daeff07247f9c216404

  • SHA256

    f8a2c7bf6611cc965e76f1286fc460ec47f3d7e4353877716417cd8b553b2667

  • SHA512

    e9a05df9e76795251ce23468db2b232c48b41ef51a59c8c0e3f7bbbb85f49e883c01d40e644531882dd2d8b80646ea1ff5fc6c5bfbbf08e09ed56bd51fa62b1e

  • SSDEEP

    1572864:UhIvB5WCx+p8HfwX8uAsbjM/wEF4yM6ezCD:UhIvSCx+ewFiwEVezS

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Modifies registry class 1 IoCs
  • Suspicious behavior: AddClipboardFormatListener 1 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 3 IoCs
  • Suspicious use of SendNotifyMessage 2 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs
  • Suspicious use of WriteProcessMemory 6 IoCs

Processes

  • C:\Windows\system32\cmd.exe
    cmd /c C:\Users\Admin\AppData\Local\Temp\QuietForestGame.rar
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2216
    • C:\Windows\system32\rundll32.exe
      "C:\Windows\system32\rundll32.exe" C:\Windows\system32\shell32.dll,OpenAs_RunDLL C:\Users\Admin\AppData\Local\Temp\QuietForestGame.rar
      2⤵
      • Modifies registry class
      • Suspicious use of WriteProcessMemory
      PID:2168
      • C:\Program Files\VideoLAN\VLC\vlc.exe
        "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file "C:\Users\Admin\AppData\Local\Temp\QuietForestGame.rar"
        3⤵
        • Suspicious behavior: AddClipboardFormatListener
        • Suspicious behavior: GetForegroundWindowSpam
        • Suspicious use of FindShellTrayWindow
        • Suspicious use of SendNotifyMessage
        • Suspicious use of SetWindowsHookEx
        PID:2712

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/2712-25-0x000007FEFAA20000-0x000007FEFAA54000-memory.dmp

    Filesize

    208KB

    Download

  • memory/2712-34-0x000007FEF5810000-0x000007FEF5A10000-memory.dmp

    Filesize

    2.0MB

    Download

  • memory/2712-33-0x000007FEF5FD0000-0x000007FEF5FE1000-memory.dmp

    Filesize

    68KB

    Download

  • memory/2712-32-0x000007FEF6390000-0x000007FEF63AD000-memory.dmp

    Filesize

    116KB

    Download

  • memory/2712-35-0x000007FEF4760000-0x000007FEF580B000-memory.dmp

    Filesize

    16.7MB

    Download

  • memory/2712-31-0x000007FEF63B0000-0x000007FEF63C1000-memory.dmp

    Filesize

    68KB

    Download

  • memory/2712-53-0x000007FEF4430000-0x000007FEF4453000-memory.dmp

    Filesize

    140KB

    Download

  • memory/2712-63-0x000007FEF3FD0000-0x000007FEF3FE1000-memory.dmp

    Filesize

    68KB

    Download

  • memory/2712-68-0x000007FEF3B70000-0x000007FEF3BA5000-memory.dmp

    Filesize

    212KB

    Download

  • memory/2712-79-0x000007FEF3840000-0x000007FEF3851000-memory.dmp

    Filesize

    68KB

    Download

  • memory/2712-87-0x000007FEF3730000-0x000007FEF3741000-memory.dmp

    Filesize

    68KB

    Download

  • memory/2712-86-0x000007FEF3750000-0x000007FEF3761000-memory.dmp

    Filesize

    68KB

    Download

  • memory/2712-85-0x000007FEF3770000-0x000007FEF3782000-memory.dmp

    Filesize

    72KB

    Download

  • memory/2712-84-0x000007FEF3790000-0x000007FEF37B9000-memory.dmp

    Filesize

    164KB

    Download

  • memory/2712-83-0x000007FEF37C0000-0x000007FEF37D6000-memory.dmp

    Filesize

    88KB

    Download

  • memory/2712-82-0x000007FEF37E0000-0x000007FEF37F8000-memory.dmp

    Filesize

    96KB

    Download

  • memory/2712-81-0x000007FEF3800000-0x000007FEF3812000-memory.dmp

    Filesize

    72KB

    Download

  • memory/2712-80-0x000007FEF3820000-0x000007FEF3831000-memory.dmp

    Filesize

    68KB

    Download

  • memory/2712-78-0x000007FEF3860000-0x000007FEF3871000-memory.dmp

    Filesize

    68KB

    Download

  • memory/2712-77-0x000007FEF3880000-0x000007FEF3982000-memory.dmp

    Filesize

    1.0MB

    Download

  • memory/2712-76-0x000007FEF3990000-0x000007FEF39A1000-memory.dmp

    Filesize

    68KB

    Download

  • memory/2712-75-0x000007FEF39B0000-0x000007FEF3A4F000-memory.dmp

    Filesize

    636KB

    Download

  • memory/2712-74-0x000007FEF3A50000-0x000007FEF3A63000-memory.dmp

    Filesize

    76KB

    Download

  • memory/2712-73-0x000007FEF3A70000-0x000007FEF3A82000-memory.dmp

    Filesize

    72KB

    Download

  • memory/2712-72-0x000007FEF3A90000-0x000007FEF3AA1000-memory.dmp

    Filesize

    68KB

    Download

  • memory/2712-71-0x000007FEF3AB0000-0x000007FEF3B11000-memory.dmp

    Filesize

    388KB

    Download

  • memory/2712-70-0x000007FEF3B20000-0x000007FEF3B31000-memory.dmp

    Filesize

    68KB

    Download

  • memory/2712-69-0x000007FEF3B40000-0x000007FEF3B65000-memory.dmp

    Filesize

    148KB

    Download

  • memory/2712-67-0x000007FEF3BB0000-0x000007FEF3CC2000-memory.dmp

    Filesize

    1.1MB

    Download

  • memory/2712-66-0x000007FEF3CD0000-0x000007FEF3F01000-memory.dmp

    Filesize

    2.2MB

    Download

  • memory/2712-65-0x000007FEF3F10000-0x000007FEF3F22000-memory.dmp

    Filesize

    72KB

    Download

  • memory/2712-64-0x000007FEF3F30000-0x000007FEF3FC7000-memory.dmp

    Filesize

    604KB

    Download

  • memory/2712-62-0x000007FEF3FF0000-0x000007FEF404C000-memory.dmp

    Filesize

    368KB

    Download

  • memory/2712-61-0x000007FEF4050000-0x000007FEF4202000-memory.dmp

    Filesize

    1.7MB

    Download

  • memory/2712-60-0x000007FEF4210000-0x000007FEF423C000-memory.dmp

    Filesize

    176KB

    Download

  • memory/2712-59-0x000007FEF4240000-0x000007FEF437B000-memory.dmp

    Filesize

    1.2MB

    Download

  • memory/2712-58-0x000007FEF4380000-0x000007FEF4392000-memory.dmp

    Filesize

    72KB

    Download

  • memory/2712-57-0x000007FEF43A0000-0x000007FEF43B3000-memory.dmp

    Filesize

    76KB

    Download

  • memory/2712-56-0x000007FEF43C0000-0x000007FEF43E1000-memory.dmp

    Filesize

    132KB

    Download

  • memory/2712-55-0x000007FEF43F0000-0x000007FEF4402000-memory.dmp

    Filesize

    72KB

    Download

  • memory/2712-54-0x000007FEF4410000-0x000007FEF4421000-memory.dmp

    Filesize

    68KB

    Download

  • memory/2712-52-0x000007FEF4460000-0x000007FEF4477000-memory.dmp

    Filesize

    92KB

    Download

  • memory/2712-51-0x000007FEF4480000-0x000007FEF44A4000-memory.dmp

    Filesize

    144KB

    Download

  • memory/2712-50-0x000007FEF44B0000-0x000007FEF44D8000-memory.dmp

    Filesize

    160KB

    Download

  • memory/2712-49-0x000007FEF44E0000-0x000007FEF4536000-memory.dmp

    Filesize

    344KB

    Download

  • memory/2712-48-0x000007FEF4540000-0x000007FEF4551000-memory.dmp

    Filesize

    68KB

    Download

  • memory/2712-47-0x000007FEF4560000-0x000007FEF45CF000-memory.dmp

    Filesize

    444KB

    Download

  • memory/2712-46-0x000007FEF45D0000-0x000007FEF4637000-memory.dmp

    Filesize

    412KB

    Download

  • memory/2712-45-0x000007FEF4640000-0x000007FEF4670000-memory.dmp

    Filesize

    192KB

    Download

  • memory/2712-44-0x000007FEF4670000-0x000007FEF4688000-memory.dmp

    Filesize

    96KB

    Download

  • memory/2712-43-0x000007FEF4690000-0x000007FEF46A1000-memory.dmp

    Filesize

    68KB

    Download

  • memory/2712-42-0x000007FEF46B0000-0x000007FEF46CB000-memory.dmp

    Filesize

    108KB

    Download

  • memory/2712-41-0x000007FEF46D0000-0x000007FEF46E1000-memory.dmp

    Filesize

    68KB

    Download

  • memory/2712-40-0x000007FEF46F0000-0x000007FEF4701000-memory.dmp

    Filesize

    68KB

    Download

  • memory/2712-39-0x000007FEF4710000-0x000007FEF4721000-memory.dmp

    Filesize

    68KB

    Download

  • memory/2712-38-0x000007FEF5F20000-0x000007FEF5F38000-memory.dmp

    Filesize

    96KB

    Download

  • memory/2712-37-0x000007FEF4730000-0x000007FEF4751000-memory.dmp

    Filesize

    132KB

    Download

  • memory/2712-36-0x000007FEF5F90000-0x000007FEF5FCF000-memory.dmp

    Filesize

    252KB

    Download

  • memory/2712-30-0x000007FEF63D0000-0x000007FEF63E7000-memory.dmp

    Filesize

    92KB

    Download

  • memory/2712-29-0x000007FEF65B0000-0x000007FEF65C1000-memory.dmp

    Filesize

    68KB

    Download

  • memory/2712-28-0x000007FEF7140000-0x000007FEF7157000-memory.dmp

    Filesize

    92KB

    Download

  • memory/2712-27-0x000007FEFAE00000-0x000007FEFAE18000-memory.dmp

    Filesize

    96KB

    Download

  • memory/2712-26-0x000007FEF5A10000-0x000007FEF5CC4000-memory.dmp

    Filesize

    2.7MB

    Download

  • memory/2712-24-0x000000013F610000-0x000000013F708000-memory.dmp

    Filesize

    992KB

    Download