217b04c73d5b364b340e80c801b2592b17a092cbc2833769c82e77e4cd199f2d

Analysis

max time kernel
184s
max time network
142s
platform
windows7_x64
resource
win7-20231215-en
resource tags

arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
submitted
21/02/2024, 17:12

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

Undertale Yellow v1_1/mus/apex.ogg
Size

154KB
MD5

85ec3bfcf190ec057b61033164bf669e
SHA1

570ba11c357e5b30a930c7e785f7e2a328e8248b
SHA256

d6d481f8c276194a8e02f063fe36c6a14290bbde7f27f1befb2a6485bc309655
SHA512

96d2c0e08e8631915160b8455869493d746d04bb8203e5febbbcd16772916001c4a7055b3cac43af127c787d36fbad4d83ca9cf822e7283c7905ac7f64e88acd
SSDEEP

3072:3BDoV/WtX7R/npg1gkkGoAYevSM8HycBkLHabQ/9z9/VUkm8k:3mdW1hpQgkk3evSM4VkLsQ/9x/jk

Score

1^/10

Malware Config

Signatures

Suspicious behavior: AddClipboardFormatListener 1 IoCs

pid	Process
2772	vlc.exe

Suspicious behavior: GetForegroundWindowSpam 1 IoCs

pid	Process
2772	vlc.exe

Suspicious use of AdjustPrivilegeToken 2 IoCs

description	pid	Process
Token: 33	2772	vlc.exe
Token: SeIncBasePriorityPrivilege	2772	vlc.exe

Suspicious use of FindShellTrayWindow 8 IoCs

pid	Process
2772	vlc.exe
2772	vlc.exe
2772	vlc.exe
2772	vlc.exe
2772	vlc.exe
2772	vlc.exe
2772	vlc.exe
2772	vlc.exe

Suspicious use of SendNotifyMessage 7 IoCs

pid	Process
2772	vlc.exe
2772	vlc.exe
2772	vlc.exe
2772	vlc.exe
2772	vlc.exe
2772	vlc.exe
2772	vlc.exe

Suspicious use of SetWindowsHookEx 1 IoCs

pid	Process
2772	vlc.exe

C:\Program Files\VideoLAN\VLC\vlc.exe
"C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file "C:\Users\Admin\AppData\Local\Temp\Undertale Yellow v1_1\mus\apex.ogg"
1⤵
- Suspicious behavior: AddClipboardFormatListener
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of SetWindowsHookEx
PID:2772

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/2772-5-0x000000013FBD0000-0x000000013FCC8000-memory.dmp

Filesize
992KB

Download
memory/2772-6-0x000007FEF7A60000-0x000007FEF7A94000-memory.dmp

Filesize
208KB

Download
memory/2772-7-0x000007FEF62B0000-0x000007FEF6564000-memory.dmp

Filesize
2.7MB

Download
memory/2772-9-0x000007FEFB4E0000-0x000007FEFB4F7000-memory.dmp

Filesize
92KB

Download
memory/2772-10-0x000007FEFABB0000-0x000007FEFABC1000-memory.dmp

Filesize
68KB

Download
memory/2772-11-0x000007FEFAB40000-0x000007FEFAB57000-memory.dmp

Filesize
92KB

Download
memory/2772-12-0x000007FEF6F30000-0x000007FEF6F41000-memory.dmp

Filesize
68KB

Download
memory/2772-14-0x000007FEF6EF0000-0x000007FEF6F01000-memory.dmp

Filesize
68KB

Download
memory/2772-13-0x000007FEF6F10000-0x000007FEF6F2D000-memory.dmp

Filesize
116KB

Download
memory/2772-8-0x000007FEFBC50000-0x000007FEFBC68000-memory.dmp

Filesize
96KB

Download
memory/2772-15-0x000007FEF60B0000-0x000007FEF62B0000-memory.dmp

Filesize
2.0MB

Download
memory/2772-16-0x000007FEF6A60000-0x000007FEF6A9F000-memory.dmp

Filesize
252KB

Download
memory/2772-17-0x000007FEF5000000-0x000007FEF60AB000-memory.dmp

Filesize
16.7MB

Download
memory/2772-25-0x000007FEF6930000-0x000007FEF6948000-memory.dmp

Filesize
96KB

Download
memory/2772-26-0x000007FEF6900000-0x000007FEF6930000-memory.dmp

Filesize
192KB

Download
memory/2772-28-0x000007FEF4F20000-0x000007FEF4F8F000-memory.dmp

Filesize
444KB

Download
memory/2772-27-0x000007FEF4F90000-0x000007FEF4FF7000-memory.dmp

Filesize
412KB

Download
memory/2772-32-0x000007FEF4D20000-0x000007FEF4D37000-memory.dmp

Filesize
92KB

Download
memory/2772-36-0x000007FEF4CB0000-0x000007FEF4CC6000-memory.dmp

Filesize
88KB

Download
memory/2772-40-0x000007FEF4B60000-0x000007FEF4B72000-memory.dmp

Filesize
72KB

Download
memory/2772-41-0x000007FEF49E0000-0x000007FEF4B5A000-memory.dmp

Filesize
1.5MB

Download
memory/2772-39-0x000007FEF4B80000-0x000007FEF4B91000-memory.dmp

Filesize
68KB

Download
memory/2772-38-0x000007FEF4BC0000-0x000007FEF4BD5000-memory.dmp

Filesize
84KB

Download
memory/2772-37-0x000007FEF4BE0000-0x000007FEF4CA5000-memory.dmp

Filesize
788KB

Download
memory/2772-35-0x000007FEF4CD0000-0x000007FEF4CE1000-memory.dmp

Filesize
68KB

Download
memory/2772-34-0x000007FEF4CF0000-0x000007FEF4D1F000-memory.dmp

Filesize
188KB

Download
memory/2772-33-0x000007FEFB4B0000-0x000007FEFB4C0000-memory.dmp

Filesize
64KB

Download
memory/2772-31-0x000007FEF4D40000-0x000007FEF4EB8000-memory.dmp

Filesize
1.5MB

Download
memory/2772-30-0x000007FEF4EC0000-0x000007FEF4F1C000-memory.dmp

Filesize
368KB

Download
memory/2772-29-0x000007FEF68E0000-0x000007FEF68F1000-memory.dmp

Filesize
68KB

Download
memory/2772-24-0x000007FEF6950000-0x000007FEF6961000-memory.dmp

Filesize
68KB

Download
memory/2772-23-0x000007FEF6970000-0x000007FEF698B000-memory.dmp

Filesize
108KB

Download
memory/2772-22-0x000007FEF6990000-0x000007FEF69A1000-memory.dmp

Filesize
68KB

Download
memory/2772-21-0x000007FEF69B0000-0x000007FEF69C1000-memory.dmp

Filesize
68KB

Download
memory/2772-20-0x000007FEF69D0000-0x000007FEF69E1000-memory.dmp

Filesize
68KB

Download
memory/2772-19-0x000007FEF6A40000-0x000007FEF6A58000-memory.dmp

Filesize
96KB

Download
memory/2772-18-0x000007FEF6EC0000-0x000007FEF6EE1000-memory.dmp

Filesize
132KB

Download
memory/2772-54-0x000007FEF5000000-0x000007FEF60AB000-memory.dmp

Filesize
16.7MB

Download