e6af1bfd2060614d2f9b9efbbef805727c84a1b02bf177fd89fa423040d57aeb

Resubmissions

24/02/2024, 21:50

240224-1p9xkagb3z 7

Analysis

max time kernel
142s
max time network
135s
platform
windows7_x64
resource
win7-20240221-en
resource tags

arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
submitted
24/02/2024, 21:50

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

Minecraft Alpha 1.2.7/jars/resources/newmusic/piano3.ogg
Size

767KB
MD5

60bab0a3fdcf96e593ad883613e2ce43
SHA1

ea9ea6c9168fd2aa348c9577707f29ba655f09d4
SHA256

75c3914f6a94846aab1d564822976043388dc5bb875962ba3f2190e1719da659
SHA512

a1797742c4eb55761fbf74cc12be694c777109596ae515b7dbb22cca03e12b09ac417d27976e2d3f82a0710473f3dd9437238451c49e5eaa1f375022d6c6333d
SSDEEP

12288:daoIgj5zxbUEgC6+xOT24zYluRMG6seRd+GheWCLTykXT6sB0meKRBxR/jh5RtKJ:daoIgjRxbFgeOFzX6sI9hRCLmkXTFBtY

Score

1^/10

Malware Config

Signatures

Suspicious behavior: AddClipboardFormatListener 1 IoCs

pid	Process
3032	vlc.exe

Suspicious behavior: GetForegroundWindowSpam 1 IoCs

pid	Process
3032	vlc.exe

Suspicious use of AdjustPrivilegeToken 2 IoCs

description	pid	Process
Token: 33	3032	vlc.exe
Token: SeIncBasePriorityPrivilege	3032	vlc.exe

Suspicious use of FindShellTrayWindow 9 IoCs

pid	Process
3032	vlc.exe
3032	vlc.exe
3032	vlc.exe
3032	vlc.exe
3032	vlc.exe
3032	vlc.exe
3032	vlc.exe
3032	vlc.exe
3032	vlc.exe

Suspicious use of SendNotifyMessage 8 IoCs

pid	Process
3032	vlc.exe
3032	vlc.exe
3032	vlc.exe
3032	vlc.exe
3032	vlc.exe
3032	vlc.exe
3032	vlc.exe
3032	vlc.exe

Suspicious use of SetWindowsHookEx 1 IoCs

pid	Process
3032	vlc.exe

C:\Program Files\VideoLAN\VLC\vlc.exe
"C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file "C:\Users\Admin\AppData\Local\Temp\Minecraft Alpha 1.2.7\jars\resources\newmusic\piano3.ogg"
1⤵
- Suspicious behavior: AddClipboardFormatListener
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of SetWindowsHookEx
PID:3032

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/3032-5-0x000000013F1C0000-0x000000013F2B8000-memory.dmp

Filesize
992KB

Download
memory/3032-6-0x000007FEFABC0000-0x000007FEFABF4000-memory.dmp

Filesize
208KB

Download
memory/3032-14-0x000007FEF72D0000-0x000007FEF72E1000-memory.dmp

Filesize
68KB

Download
memory/3032-13-0x000007FEF72F0000-0x000007FEF730D000-memory.dmp

Filesize
116KB

Download
memory/3032-12-0x000007FEFA760000-0x000007FEFA771000-memory.dmp

Filesize
68KB

Download
memory/3032-11-0x000007FEFABA0000-0x000007FEFABB7000-memory.dmp

Filesize
92KB

Download
memory/3032-10-0x000007FEFAC10000-0x000007FEFAC21000-memory.dmp

Filesize
68KB

Download
memory/3032-9-0x000007FEFACF0000-0x000007FEFAD07000-memory.dmp

Filesize
92KB

Download
memory/3032-8-0x000007FEFB070000-0x000007FEFB088000-memory.dmp

Filesize
96KB

Download
memory/3032-7-0x000007FEF5A30000-0x000007FEF5CE4000-memory.dmp

Filesize
2.7MB

Download
memory/3032-15-0x000007FEF5830000-0x000007FEF5A30000-memory.dmp

Filesize
2.0MB

Download
memory/3032-16-0x000007FEF4780000-0x000007FEF582B000-memory.dmp

Filesize
16.7MB

Download
memory/3032-20-0x000007FEF6C90000-0x000007FEF6CA1000-memory.dmp

Filesize
68KB

Download
memory/3032-19-0x000007FEF6CB0000-0x000007FEF6CC8000-memory.dmp

Filesize
96KB

Download
memory/3032-21-0x000007FEF6C70000-0x000007FEF6C81000-memory.dmp

Filesize
68KB

Download
memory/3032-18-0x000007FEF71E0000-0x000007FEF7201000-memory.dmp

Filesize
132KB

Download
memory/3032-17-0x000007FEF7210000-0x000007FEF724F000-memory.dmp

Filesize
252KB

Download
memory/3032-23-0x000007FEF6C30000-0x000007FEF6C4B000-memory.dmp

Filesize
108KB

Download
memory/3032-22-0x000007FEF6C50000-0x000007FEF6C61000-memory.dmp

Filesize
68KB

Download
memory/3032-29-0x000007FEF6690000-0x000007FEF66A1000-memory.dmp

Filesize
68KB

Download
memory/3032-28-0x000007FEF66B0000-0x000007FEF671F000-memory.dmp

Filesize
444KB

Download
memory/3032-30-0x000007FEF6110000-0x000007FEF616C000-memory.dmp

Filesize
368KB

Download
memory/3032-27-0x000007FEF6720000-0x000007FEF6787000-memory.dmp

Filesize
412KB

Download
memory/3032-26-0x000007FEF6790000-0x000007FEF67C0000-memory.dmp

Filesize
192KB

Download
memory/3032-25-0x000007FEF67C0000-0x000007FEF67D8000-memory.dmp

Filesize
96KB

Download
memory/3032-24-0x000007FEF67E0000-0x000007FEF67F1000-memory.dmp

Filesize
68KB

Download
memory/3032-32-0x000007FEF6670000-0x000007FEF6687000-memory.dmp

Filesize
92KB

Download
memory/3032-31-0x000007FEF4600000-0x000007FEF4778000-memory.dmp

Filesize
1.5MB

Download
memory/3032-33-0x000007FEFAD40000-0x000007FEFAD50000-memory.dmp

Filesize
64KB

Download
memory/3032-34-0x000007FEF6640000-0x000007FEF666F000-memory.dmp

Filesize
188KB

Download
memory/3032-35-0x000007FEF61B0000-0x000007FEF61C1000-memory.dmp

Filesize
68KB

Download
memory/3032-36-0x000007FEF60F0000-0x000007FEF6106000-memory.dmp

Filesize
88KB

Download
memory/3032-37-0x000007FEF4530000-0x000007FEF45F5000-memory.dmp

Filesize
788KB

Download
memory/3032-38-0x000007FEF60D0000-0x000007FEF60E5000-memory.dmp

Filesize
84KB

Download
memory/3032-40-0x000007FEF6070000-0x000007FEF6082000-memory.dmp

Filesize
72KB

Download
memory/3032-39-0x000007FEF6090000-0x000007FEF60A1000-memory.dmp

Filesize
68KB

Download
memory/3032-41-0x000007FEF43B0000-0x000007FEF452A000-memory.dmp

Filesize
1.5MB

Download
memory/3032-53-0x000007FEF4780000-0x000007FEF582B000-memory.dmp

Filesize
16.7MB

Download