e6af1bfd2060614d2f9b9efbbef805727c84a1b02bf177fd89fa423040d57aeb

Resubmissions

24/02/2024, 21:50

240224-1p9xkagb3z 7

Analysis

max time kernel
140s
max time network
123s
platform
windows7_x64
resource
win7-20240221-en
resource tags

arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
submitted
24/02/2024, 21:50

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

Minecraft Alpha 1.2.7/jars/resources/newmusic/piano1.ogg
Size

461KB
MD5

72c2fbb516587c8ca68fdfd6d15a948d
SHA1

a8b70bbbe5fe8690ecd5a1187ff6b033e525afed
SHA256

73e7d452c819653074ca3e04a1359ed9905577a6159d1e399f56ca73bdd86e0c
SHA512

2c5413dfa2da2a0d446de64923ffd404caba13db54be0c39bcf54de9e0756ee1c631213c627dabe52e30037dc558de2154b0710c910b0a49f0a175bd96be64cd
SSDEEP

12288:QnlzNDYyrQZplLHBbNPdFRjgtr+63l1zUH/n+3qqv:wlzNDbrylLHBbNlFRjsSAm+3X

Score

1^/10

Malware Config

Signatures

Suspicious behavior: AddClipboardFormatListener 1 IoCs

pid	Process
3028	vlc.exe

Suspicious behavior: GetForegroundWindowSpam 1 IoCs

pid	Process
3028	vlc.exe

Suspicious use of AdjustPrivilegeToken 2 IoCs

description	pid	Process
Token: 33	3028	vlc.exe
Token: SeIncBasePriorityPrivilege	3028	vlc.exe

Suspicious use of FindShellTrayWindow 8 IoCs

pid	Process
3028	vlc.exe
3028	vlc.exe
3028	vlc.exe
3028	vlc.exe
3028	vlc.exe
3028	vlc.exe
3028	vlc.exe
3028	vlc.exe

Suspicious use of SendNotifyMessage 7 IoCs

pid	Process
3028	vlc.exe
3028	vlc.exe
3028	vlc.exe
3028	vlc.exe
3028	vlc.exe
3028	vlc.exe
3028	vlc.exe

Suspicious use of SetWindowsHookEx 1 IoCs

pid	Process
3028	vlc.exe

C:\Program Files\VideoLAN\VLC\vlc.exe
"C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file "C:\Users\Admin\AppData\Local\Temp\Minecraft Alpha 1.2.7\jars\resources\newmusic\piano1.ogg"
1⤵
- Suspicious behavior: AddClipboardFormatListener
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of SetWindowsHookEx
PID:3028

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/3028-6-0x000007FEFA620000-0x000007FEFA654000-memory.dmp

Filesize
208KB

Download
memory/3028-5-0x000000013F9F0000-0x000000013FAE8000-memory.dmp

Filesize
992KB

Download
memory/3028-7-0x000007FEF5BF0000-0x000007FEF5EA4000-memory.dmp

Filesize
2.7MB

Download
memory/3028-8-0x000007FEFB150000-0x000007FEFB168000-memory.dmp

Filesize
96KB

Download
memory/3028-10-0x000007FEFA430000-0x000007FEFA441000-memory.dmp

Filesize
68KB

Download
memory/3028-9-0x000007FEFA990000-0x000007FEFA9A7000-memory.dmp

Filesize
92KB

Download
memory/3028-11-0x000007FEFA410000-0x000007FEFA427000-memory.dmp

Filesize
92KB

Download
memory/3028-12-0x000007FEFA3F0000-0x000007FEFA401000-memory.dmp

Filesize
68KB

Download
memory/3028-14-0x000007FEFA250000-0x000007FEFA261000-memory.dmp

Filesize
68KB

Download
memory/3028-13-0x000007FEFA3D0000-0x000007FEFA3ED000-memory.dmp

Filesize
116KB

Download
memory/3028-15-0x000007FEF59F0000-0x000007FEF5BF0000-memory.dmp

Filesize
2.0MB

Download
memory/3028-16-0x000007FEFA210000-0x000007FEFA24F000-memory.dmp

Filesize
252KB

Download
memory/3028-17-0x000007FEF45A0000-0x000007FEF564B000-memory.dmp

Filesize
16.7MB

Download
memory/3028-18-0x000007FEF7130000-0x000007FEF7151000-memory.dmp

Filesize
132KB

Download
memory/3028-20-0x000007FEF70F0000-0x000007FEF7101000-memory.dmp

Filesize
68KB

Download
memory/3028-19-0x000007FEF7110000-0x000007FEF7128000-memory.dmp

Filesize
96KB

Download
memory/3028-21-0x000007FEF6540000-0x000007FEF6551000-memory.dmp

Filesize
68KB

Download
memory/3028-23-0x000007FEF6500000-0x000007FEF651B000-memory.dmp

Filesize
108KB

Download
memory/3028-22-0x000007FEF6520000-0x000007FEF6531000-memory.dmp

Filesize
68KB

Download
memory/3028-24-0x000007FEF64E0000-0x000007FEF64F1000-memory.dmp

Filesize
68KB

Download
memory/3028-25-0x000007FEF59D0000-0x000007FEF59E8000-memory.dmp

Filesize
96KB

Download
memory/3028-26-0x000007FEF59A0000-0x000007FEF59D0000-memory.dmp

Filesize
192KB

Download
memory/3028-30-0x000007FEF5840000-0x000007FEF589C000-memory.dmp

Filesize
368KB

Download
memory/3028-29-0x000007FEF58A0000-0x000007FEF58B1000-memory.dmp

Filesize
68KB

Download
memory/3028-28-0x000007FEF58C0000-0x000007FEF592F000-memory.dmp

Filesize
444KB

Download
memory/3028-27-0x000007FEF5930000-0x000007FEF5997000-memory.dmp

Filesize
412KB

Download
memory/3028-36-0x000007FEF57B0000-0x000007FEF57C6000-memory.dmp

Filesize
88KB

Download
memory/3028-35-0x000007FEF57D0000-0x000007FEF57E1000-memory.dmp

Filesize
68KB

Download
memory/3028-34-0x000007FEF57F0000-0x000007FEF581F000-memory.dmp

Filesize
188KB

Download
memory/3028-37-0x000007FEF56E0000-0x000007FEF57A5000-memory.dmp

Filesize
788KB

Download
memory/3028-33-0x000007FEFAA40000-0x000007FEFAA50000-memory.dmp

Filesize
64KB

Download
memory/3028-40-0x000007FEF43A0000-0x000007FEF43B2000-memory.dmp

Filesize
72KB

Download
memory/3028-39-0x000007FEF43C0000-0x000007FEF43D1000-memory.dmp

Filesize
68KB

Download
memory/3028-38-0x000007FEF4400000-0x000007FEF4415000-memory.dmp

Filesize
84KB

Download
memory/3028-32-0x000007FEF5820000-0x000007FEF5837000-memory.dmp

Filesize
92KB

Download
memory/3028-31-0x000007FEF4420000-0x000007FEF4598000-memory.dmp

Filesize
1.5MB

Download
memory/3028-41-0x000007FEF4220000-0x000007FEF439A000-memory.dmp

Filesize
1.5MB

Download