217b04c73d5b364b340e80c801b2592b17a092cbc2833769c82e77e4cd199f2d

Analysis

max time kernel
147s
max time network
154s
platform
windows7_x64
resource
win7-20240221-en
resource tags

arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
submitted
21/02/2024, 17:12

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

Undertale Yellow v1_1/mus/birdnoise.ogg
Size

271KB
MD5

291df8ce9a2f1ac8ad90c34142f94446
SHA1

a48513dc2f709cb86446df116b37e56ac510e705
SHA256

8918fd1d88e1008ceae88fd76900673b0752612f9eb9409f6b991234304ff430
SHA512

701353fa342ab4d4d63b7af07a0b40ce8674923cd6a51b78865f3a8506b70da5c89d4785bc6cd5a6c495bf6e0fa3efb2efb4f46acfc5e896ee80f5ddd0324e5c
SSDEEP

6144:3fiIiQ2obmeSevOtjuy93D+JIi3Hk5uSRqrFSaS68h4GRv24Z12:viI7SeyTx6qAk5uSorwasrOT

Score

1^/10

Malware Config

Signatures

Suspicious behavior: AddClipboardFormatListener 1 IoCs

pid	Process
1736	vlc.exe

Suspicious behavior: GetForegroundWindowSpam 1 IoCs

pid	Process
1736	vlc.exe

Suspicious use of AdjustPrivilegeToken 2 IoCs

description	pid	Process
Token: 33	1736	vlc.exe
Token: SeIncBasePriorityPrivilege	1736	vlc.exe

Suspicious use of FindShellTrayWindow 9 IoCs

pid	Process
1736	vlc.exe
1736	vlc.exe
1736	vlc.exe
1736	vlc.exe
1736	vlc.exe
1736	vlc.exe
1736	vlc.exe
1736	vlc.exe
1736	vlc.exe

Suspicious use of SendNotifyMessage 8 IoCs

pid	Process
1736	vlc.exe
1736	vlc.exe
1736	vlc.exe
1736	vlc.exe
1736	vlc.exe
1736	vlc.exe
1736	vlc.exe
1736	vlc.exe

Suspicious use of SetWindowsHookEx 1 IoCs

pid	Process
1736	vlc.exe

C:\Program Files\VideoLAN\VLC\vlc.exe
"C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file "C:\Users\Admin\AppData\Local\Temp\Undertale Yellow v1_1\mus\birdnoise.ogg"
1⤵
- Suspicious behavior: AddClipboardFormatListener
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of SetWindowsHookEx
PID:1736

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1736-5-0x000000013F7A0000-0x000000013F898000-memory.dmp

Filesize
992KB

Download
memory/1736-6-0x000007FEFB1E0000-0x000007FEFB214000-memory.dmp

Filesize
208KB

Download
memory/1736-7-0x000007FEF5FD0000-0x000007FEF6284000-memory.dmp

Filesize
2.7MB

Download
memory/1736-8-0x000007FEFB5F0000-0x000007FEFB608000-memory.dmp

Filesize
96KB

Download
memory/1736-14-0x000007FEF7AE0000-0x000007FEF7AF1000-memory.dmp

Filesize
68KB

Download
memory/1736-13-0x000007FEF7B00000-0x000007FEF7B1D000-memory.dmp

Filesize
116KB

Download
memory/1736-12-0x000007FEFA880000-0x000007FEFA891000-memory.dmp

Filesize
68KB

Download
memory/1736-15-0x000007FEF5DD0000-0x000007FEF5FD0000-memory.dmp

Filesize
2.0MB

Download
memory/1736-11-0x000007FEFA8A0000-0x000007FEFA8B7000-memory.dmp

Filesize
92KB

Download
memory/1736-10-0x000007FEFA8C0000-0x000007FEFA8D1000-memory.dmp

Filesize
68KB

Download
memory/1736-9-0x000007FEFB2D0000-0x000007FEFB2E7000-memory.dmp

Filesize
92KB

Download
memory/1736-16-0x000007FEF4D20000-0x000007FEF5DCB000-memory.dmp

Filesize
16.7MB

Download
memory/1736-17-0x000007FEF7AA0000-0x000007FEF7ADF000-memory.dmp

Filesize
252KB

Download
memory/1736-18-0x000007FEF79E0000-0x000007FEF7A01000-memory.dmp

Filesize
132KB

Download
memory/1736-19-0x000007FEF7A80000-0x000007FEF7A98000-memory.dmp

Filesize
96KB

Download
memory/1736-20-0x000007FEF79C0000-0x000007FEF79D1000-memory.dmp

Filesize
68KB

Download
memory/1736-27-0x000007FEF6B50000-0x000007FEF6BB7000-memory.dmp

Filesize
412KB

Download
memory/1736-26-0x000007FEF7870000-0x000007FEF78A0000-memory.dmp

Filesize
192KB

Download
memory/1736-25-0x000007FEF78A0000-0x000007FEF78B8000-memory.dmp

Filesize
96KB

Download
memory/1736-24-0x000007FEF78C0000-0x000007FEF78D1000-memory.dmp

Filesize
68KB

Download
memory/1736-29-0x000007FEF7850000-0x000007FEF7861000-memory.dmp

Filesize
68KB

Download
memory/1736-30-0x000007FEF6640000-0x000007FEF669C000-memory.dmp

Filesize
368KB

Download
memory/1736-28-0x000007FEF66A0000-0x000007FEF670F000-memory.dmp

Filesize
444KB

Download
memory/1736-31-0x000007FEF4BA0000-0x000007FEF4D18000-memory.dmp

Filesize
1.5MB

Download
memory/1736-23-0x000007FEF78E0000-0x000007FEF78FB000-memory.dmp

Filesize
108KB

Download
memory/1736-36-0x000007FEF4B80000-0x000007FEF4B96000-memory.dmp

Filesize
88KB

Download
memory/1736-37-0x000007FEF4AB0000-0x000007FEF4B75000-memory.dmp

Filesize
788KB

Download
memory/1736-38-0x000007FEF4A90000-0x000007FEF4AA5000-memory.dmp

Filesize
84KB

Download
memory/1736-39-0x000007FEF4A70000-0x000007FEF4A81000-memory.dmp

Filesize
68KB

Download
memory/1736-40-0x000007FEF4A30000-0x000007FEF4A42000-memory.dmp

Filesize
72KB

Download
memory/1736-35-0x000007FEF6B30000-0x000007FEF6B41000-memory.dmp

Filesize
68KB

Download
memory/1736-34-0x000007FEF6610000-0x000007FEF663F000-memory.dmp

Filesize
188KB

Download
memory/1736-33-0x000007FEFB570000-0x000007FEFB580000-memory.dmp

Filesize
64KB

Download
memory/1736-32-0x000007FEF7020000-0x000007FEF7037000-memory.dmp

Filesize
92KB

Download
memory/1736-22-0x000007FEF7900000-0x000007FEF7911000-memory.dmp

Filesize
68KB

Download
memory/1736-21-0x000007FEF79A0000-0x000007FEF79B1000-memory.dmp

Filesize
68KB

Download
memory/1736-41-0x000007FEF48B0000-0x000007FEF4A2A000-memory.dmp

Filesize
1.5MB

Download
memory/1736-53-0x000007FEF4D20000-0x000007FEF5DCB000-memory.dmp

Filesize
16.7MB

Download