e6af1bfd2060614d2f9b9efbbef805727c84a1b02bf177fd89fa423040d57aeb

Resubmissions

24/02/2024, 21:50

240224-1p9xkagb3z 7

Analysis

max time kernel
160s
max time network
136s
platform
windows7_x64
resource
win7-20240221-en
resource tags

arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
submitted
24/02/2024, 21:50

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

Minecraft Alpha 1.2.7/jars/resources/music/calm3.ogg
Size

1.3MB
MD5

085fa9a655ef73ae1a65fea28bc4cabe
SHA1

d1f04bd6d0e94f8c5d80ce095952b0e809bcdd48
SHA256

45c6458d25938ceb57d89d114379386e3add15456f6b9ba325c46772f9ea61f1
SHA512

1e03f397d569a699c9b657c7becaf48e1cb3fc432f426e1374615c0c31c2aaaa7d45afd8258a0e1bedd99886fbb3ae8ac5b344906abc12deeb32225f44c4991a
SSDEEP

24576:exfJJSJ3INwYyZOlzagZrir30KOBPYvQ5jVI8lts/htszp40N0vdKEST5jO8FmT9:YJm3SYkBiEdYvQ4W+5CdDN0vGjvs9

Score

1^/10

Malware Config

Signatures

Suspicious behavior: AddClipboardFormatListener 1 IoCs

pid	Process
3044	vlc.exe

Suspicious behavior: GetForegroundWindowSpam 1 IoCs

pid	Process
3044	vlc.exe

Suspicious use of AdjustPrivilegeToken 2 IoCs

description	pid	Process
Token: 33	3044	vlc.exe
Token: SeIncBasePriorityPrivilege	3044	vlc.exe

Suspicious use of FindShellTrayWindow 6 IoCs

pid	Process
3044	vlc.exe
3044	vlc.exe
3044	vlc.exe
3044	vlc.exe
3044	vlc.exe
3044	vlc.exe

Suspicious use of SendNotifyMessage 5 IoCs

pid	Process
3044	vlc.exe
3044	vlc.exe
3044	vlc.exe
3044	vlc.exe
3044	vlc.exe

Suspicious use of SetWindowsHookEx 1 IoCs

pid	Process
3044	vlc.exe

C:\Program Files\VideoLAN\VLC\vlc.exe
"C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file "C:\Users\Admin\AppData\Local\Temp\Minecraft Alpha 1.2.7\jars\resources\music\calm3.ogg"
1⤵
- Suspicious behavior: AddClipboardFormatListener
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of SetWindowsHookEx
PID:3044

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/3044-0-0x000000013FF90000-0x0000000140088000-memory.dmp

Filesize
992KB

Download
memory/3044-1-0x000007FEF7E70000-0x000007FEF7EA4000-memory.dmp

Filesize
208KB

Download
memory/3044-2-0x000007FEF64B0000-0x000007FEF6764000-memory.dmp

Filesize
2.7MB

Download
memory/3044-5-0x000007FEF64B0000-0x000007FEF6764000-memory.dmp

Filesize
2.7MB

Download
memory/3044-6-0x000007FEFBB50000-0x000007FEFBB68000-memory.dmp

Filesize
96KB

Download
memory/3044-7-0x000007FEF7C90000-0x000007FEF7CA7000-memory.dmp

Filesize
92KB

Download
memory/3044-8-0x000007FEF7C70000-0x000007FEF7C81000-memory.dmp

Filesize
68KB

Download
memory/3044-9-0x000007FEF7A80000-0x000007FEF7A97000-memory.dmp

Filesize
92KB

Download
memory/3044-15-0x000007FEF70F0000-0x000007FEF7101000-memory.dmp

Filesize
68KB

Download
memory/3044-16-0x000007FEF70D0000-0x000007FEF70ED000-memory.dmp

Filesize
116KB

Download
memory/3044-17-0x000007FEF6BD0000-0x000007FEF6BE1000-memory.dmp

Filesize
68KB

Download
memory/3044-18-0x000007FEF62B0000-0x000007FEF64B0000-memory.dmp

Filesize
2.0MB

Download
memory/3044-19-0x000007FEF6B90000-0x000007FEF6BCF000-memory.dmp

Filesize
252KB

Download
memory/3044-20-0x000007FEF5200000-0x000007FEF62AB000-memory.dmp

Filesize
16.7MB

Download
memory/3044-21-0x000007FEF6B60000-0x000007FEF6B81000-memory.dmp

Filesize
132KB

Download
memory/3044-22-0x000007FEF6B40000-0x000007FEF6B58000-memory.dmp

Filesize
96KB

Download
memory/3044-23-0x000007FEF6B20000-0x000007FEF6B31000-memory.dmp

Filesize
68KB

Download
memory/3044-24-0x000007FEF6B00000-0x000007FEF6B11000-memory.dmp

Filesize
68KB

Download
memory/3044-25-0x000007FEF6AE0000-0x000007FEF6AF1000-memory.dmp

Filesize
68KB

Download
memory/3044-26-0x000007FEF51E0000-0x000007FEF51FB000-memory.dmp

Filesize
108KB

Download
memory/3044-27-0x000007FEF51C0000-0x000007FEF51D1000-memory.dmp

Filesize
68KB

Download
memory/3044-29-0x000007FEF5170000-0x000007FEF51A0000-memory.dmp

Filesize
192KB

Download
memory/3044-28-0x000007FEF51A0000-0x000007FEF51B8000-memory.dmp

Filesize
96KB

Download
memory/3044-30-0x000007FEF5100000-0x000007FEF5167000-memory.dmp

Filesize
412KB

Download
memory/3044-31-0x000007FEF5090000-0x000007FEF50FF000-memory.dmp

Filesize
444KB

Download
memory/3044-32-0x000007FEF5070000-0x000007FEF5081000-memory.dmp

Filesize
68KB

Download
memory/3044-33-0x000007FEF5010000-0x000007FEF506C000-memory.dmp

Filesize
368KB

Download
memory/3044-34-0x000007FEF4E90000-0x000007FEF5008000-memory.dmp

Filesize
1.5MB

Download
memory/3044-35-0x000007FEF4E70000-0x000007FEF4E87000-memory.dmp

Filesize
92KB

Download
memory/3044-36-0x000007FEF7E60000-0x000007FEF7E70000-memory.dmp

Filesize
64KB

Download
memory/3044-37-0x000007FEF4E40000-0x000007FEF4E6F000-memory.dmp

Filesize
188KB

Download
memory/3044-38-0x000007FEF4E20000-0x000007FEF4E31000-memory.dmp

Filesize
68KB

Download
memory/3044-39-0x000007FEF4E00000-0x000007FEF4E16000-memory.dmp

Filesize
88KB

Download
memory/3044-43-0x000007FEF4CB0000-0x000007FEF4CC2000-memory.dmp

Filesize
72KB

Download
memory/3044-42-0x000007FEF4CD0000-0x000007FEF4CE1000-memory.dmp

Filesize
68KB

Download
memory/3044-41-0x000007FEF4D10000-0x000007FEF4D25000-memory.dmp

Filesize
84KB

Download
memory/3044-44-0x000007FEF4B30000-0x000007FEF4CAA000-memory.dmp

Filesize
1.5MB

Download
memory/3044-45-0x000007FEF4B10000-0x000007FEF4B23000-memory.dmp

Filesize
76KB

Download
memory/3044-46-0x000007FEF4AF0000-0x000007FEF4B04000-memory.dmp

Filesize
80KB

Download
memory/3044-40-0x000007FEF4D30000-0x000007FEF4DF5000-memory.dmp

Filesize
788KB

Download
memory/3044-48-0x000007FEF4AB0000-0x000007FEF4AC1000-memory.dmp

Filesize
68KB

Download
memory/3044-47-0x000007FEF4AD0000-0x000007FEF4AE1000-memory.dmp

Filesize
68KB

Download
memory/3044-49-0x000007FEF4A90000-0x000007FEF4AA1000-memory.dmp

Filesize
68KB

Download
memory/3044-62-0x000007FEF5200000-0x000007FEF62AB000-memory.dmp

Filesize
16.7MB

Download