e6af1bfd2060614d2f9b9efbbef805727c84a1b02bf177fd89fa423040d57aeb

Resubmissions

24/02/2024, 21:50

240224-1p9xkagb3z 7

Analysis

max time kernel
140s
max time network
125s
platform
windows7_x64
resource
win7-20240221-en
resource tags

arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
submitted
24/02/2024, 21:50

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

Minecraft Alpha 1.2.7/jars/resources/music/calm4.ogg
Size

1.5MB
MD5

b30e2a7ee5eae3570079c9bb12574ee2
SHA1

57f0eda6c2c1acdb22d7d1fb52c350fed2a4e371
SHA256

2d1dc852749f5521408aa46c3a7687a0f30b0c78c210b651ae31cfeb2981c5f5
SHA512

7d3845cd7eb24953697e9b58f2f42a5240ac0b9e5a6f1a7ffa0f96af156f26150502815fe1b7efdbfb950d4cac19017c13e61c68142c31584b2946811ed99805
SSDEEP

24576:WK+neFyIhcpZt5Y5VpI/av+UoDEudfn8/vX/x1P5UcZCO+3eKm57R4o:WK+eiLKVpNEVqXbxUi1gQ9Ko

Score

1^/10

Malware Config

Signatures

Suspicious behavior: AddClipboardFormatListener 1 IoCs

pid	Process
2036	vlc.exe

Suspicious behavior: GetForegroundWindowSpam 1 IoCs

pid	Process
2036	vlc.exe

Suspicious use of AdjustPrivilegeToken 2 IoCs

description	pid	Process
Token: 33	2036	vlc.exe
Token: SeIncBasePriorityPrivilege	2036	vlc.exe

Suspicious use of FindShellTrayWindow 6 IoCs

pid	Process
2036	vlc.exe
2036	vlc.exe
2036	vlc.exe
2036	vlc.exe
2036	vlc.exe
2036	vlc.exe

Suspicious use of SendNotifyMessage 5 IoCs

pid	Process
2036	vlc.exe
2036	vlc.exe
2036	vlc.exe
2036	vlc.exe
2036	vlc.exe

Suspicious use of SetWindowsHookEx 1 IoCs

pid	Process
2036	vlc.exe

C:\Program Files\VideoLAN\VLC\vlc.exe
"C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file "C:\Users\Admin\AppData\Local\Temp\Minecraft Alpha 1.2.7\jars\resources\music\calm4.ogg"
1⤵
- Suspicious behavior: AddClipboardFormatListener
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of SetWindowsHookEx
PID:2036

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/2036-5-0x000000013FDB0000-0x000000013FEA8000-memory.dmp

Filesize
992KB

Download
memory/2036-6-0x000007FEFB310000-0x000007FEFB344000-memory.dmp

Filesize
208KB

Download
memory/2036-7-0x000007FEF63E0000-0x000007FEF6694000-memory.dmp

Filesize
2.7MB

Download
memory/2036-8-0x000007FEFB880000-0x000007FEFB898000-memory.dmp

Filesize
96KB

Download
memory/2036-9-0x000007FEFB360000-0x000007FEFB377000-memory.dmp

Filesize
92KB

Download
memory/2036-10-0x000007FEF8450000-0x000007FEF8461000-memory.dmp

Filesize
68KB

Download
memory/2036-11-0x000007FEF7630000-0x000007FEF7647000-memory.dmp

Filesize
92KB

Download
memory/2036-12-0x000007FEF7610000-0x000007FEF7621000-memory.dmp

Filesize
68KB

Download
memory/2036-13-0x000007FEF75F0000-0x000007FEF760D000-memory.dmp

Filesize
116KB

Download
memory/2036-14-0x000007FEF6CF0000-0x000007FEF6D01000-memory.dmp

Filesize
68KB

Download
memory/2036-15-0x000007FEF61E0000-0x000007FEF63E0000-memory.dmp

Filesize
2.0MB

Download
memory/2036-18-0x000007FEF6C00000-0x000007FEF6C21000-memory.dmp

Filesize
132KB

Download
memory/2036-20-0x000007FEF6BC0000-0x000007FEF6BD1000-memory.dmp

Filesize
68KB

Download
memory/2036-23-0x000007FEF6B60000-0x000007FEF6B7B000-memory.dmp

Filesize
108KB

Download
memory/2036-24-0x000007FEF6910000-0x000007FEF6921000-memory.dmp

Filesize
68KB

Download
memory/2036-25-0x000007FEF68F0000-0x000007FEF6908000-memory.dmp

Filesize
96KB

Download
memory/2036-22-0x000007FEF6B80000-0x000007FEF6B91000-memory.dmp

Filesize
68KB

Download
memory/2036-26-0x000007FEF68C0000-0x000007FEF68F0000-memory.dmp

Filesize
192KB

Download
memory/2036-21-0x000007FEF6BA0000-0x000007FEF6BB1000-memory.dmp

Filesize
68KB

Download
memory/2036-27-0x000007FEF6850000-0x000007FEF68B7000-memory.dmp

Filesize
412KB

Download
memory/2036-29-0x000007FEF6830000-0x000007FEF6841000-memory.dmp

Filesize
68KB

Download
memory/2036-31-0x000007FEF4EE0000-0x000007FEF5058000-memory.dmp

Filesize
1.5MB

Download
memory/2036-30-0x000007FEF5060000-0x000007FEF50BC000-memory.dmp

Filesize
368KB

Download
memory/2036-28-0x000007FEF50C0000-0x000007FEF512F000-memory.dmp

Filesize
444KB

Download
memory/2036-19-0x000007FEF6BE0000-0x000007FEF6BF8000-memory.dmp

Filesize
96KB

Download
memory/2036-36-0x000007FEF4E70000-0x000007FEF4E86000-memory.dmp

Filesize
88KB

Download
memory/2036-35-0x000007FEF4E90000-0x000007FEF4EA1000-memory.dmp

Filesize
68KB

Download
memory/2036-34-0x000007FEF4EB0000-0x000007FEF4EDF000-memory.dmp

Filesize
188KB

Download
memory/2036-33-0x000007FEFB480000-0x000007FEFB490000-memory.dmp

Filesize
64KB

Download
memory/2036-38-0x000007FEF4D80000-0x000007FEF4D95000-memory.dmp

Filesize
84KB

Download
memory/2036-37-0x000007FEF4DA0000-0x000007FEF4E65000-memory.dmp

Filesize
788KB

Download
memory/2036-40-0x000007FEF4D20000-0x000007FEF4D32000-memory.dmp

Filesize
72KB

Download
memory/2036-39-0x000007FEF4D40000-0x000007FEF4D51000-memory.dmp

Filesize
68KB

Download
memory/2036-32-0x000007FEF6810000-0x000007FEF6827000-memory.dmp

Filesize
92KB

Download
memory/2036-17-0x000007FEF6C30000-0x000007FEF6C6F000-memory.dmp

Filesize
252KB

Download
memory/2036-16-0x000007FEF5130000-0x000007FEF61DB000-memory.dmp

Filesize
16.7MB

Download
memory/2036-41-0x000007FEF4BA0000-0x000007FEF4D1A000-memory.dmp

Filesize
1.5MB

Download
memory/2036-44-0x000007FEF4B40000-0x000007FEF4B51000-memory.dmp

Filesize
68KB

Download
memory/2036-45-0x000007FEF4B20000-0x000007FEF4B31000-memory.dmp

Filesize
68KB

Download
memory/2036-46-0x000007FEF4B00000-0x000007FEF4B11000-memory.dmp

Filesize
68KB

Download
memory/2036-43-0x000007FEF4B60000-0x000007FEF4B74000-memory.dmp

Filesize
80KB

Download
memory/2036-42-0x000007FEF4B80000-0x000007FEF4B93000-memory.dmp

Filesize
76KB

Download