Overview

overview

3

Static

static

3

phobia.exe

windows7-x64

1

phobia.exe

windows10-2004-x64

1

Resubmissions

25/04/2024, 12:43

240425-px387sah33 3

Analysis

  • max time kernel
    133s
  • max time network
    124s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    25/04/2024, 12:43

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    phobia.exe

  • Size

    7.2MB

  • MD5

    a75de0fa3edd3d601a08fd44ef2f5674

  • SHA1

    37116112260080cebf1f78dfd0b541e298d8a3b4

  • SHA256

    a912f3edcde567f09397fd5fbb309549189f824a86cf19a2e579fa29c464bf67

  • SHA512

    8aad374f3af624b7c91be623ab509c2145e376e12403588d922a8ffd99a25860d7382a588afe5bc96a214c0fcce138c42130829e8c40a6b28b02e648d3927e5b

  • SSDEEP

    196608:kU8iAC8f9vybCHxpp1UlyxkxVgoea3Jbu:t8v9vyQp1UlQe

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: AddClipboardFormatListener 1 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 21 IoCs
  • Suspicious use of SendNotifyMessage 20 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\phobia.exe
    "C:\Users\Admin\AppData\Local\Temp\phobia.exe"
    1⤵
      PID:1688
    • C:\Windows\explorer.exe
      "C:\Windows\explorer.exe"
      1⤵
        PID:2964
      • C:\Program Files\VideoLAN\VLC\vlc.exe
        "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file "C:\Users\Admin\Desktop\MergeSearch.mpeg"
        1⤵
        • Suspicious behavior: AddClipboardFormatListener
        • Suspicious behavior: GetForegroundWindowSpam
        • Suspicious use of FindShellTrayWindow
        • Suspicious use of SendNotifyMessage
        • Suspicious use of SetWindowsHookEx
        PID:1644

      Network

      MITRE ATT&CK Matrix

      Replay Monitor

      Loading Replay Monitor...

      Downloads

      • C:\Users\Admin\AppData\Roaming\vlc\vlc-qt-interface.ini
        Filesize

        77B

        MD5

        f294c188313f57fd785a200d23a5145b

        SHA1

        985d09b4e410c24c3666c7b31393a145736d7274

        SHA256

        ba6d95827495d759f5f34d02de731fbc3bca2efcaf880b7a34af1e4aff00ebc3

        SHA512

        263e52eb3d3a759761aada119cd5e79b281ae27966a5fb52f8811793446a04fe22e6bb9a3ee23d99b6644e45467af55ca7dbe3d838f714ad6de8252664873d9e

        Download Submit

      • memory/1644-17-0x000000013F7F0000-0x000000013F8E8000-memory.dmp

        Filesize

        992KB

        Download

      • memory/1644-28-0x000000013F7F0000-0x000000013F8E8000-memory.dmp

        Filesize

        992KB

        Download

      • memory/1644-29-0x000007FEF5100000-0x000007FEF5134000-memory.dmp

        Filesize

        208KB

        Download

      • memory/1644-32-0x000007FEF4E40000-0x000007FEF50F4000-memory.dmp

        Filesize

        2.7MB

        Download

      • memory/1644-34-0x000007FEF37B0000-0x000007FEF485B000-memory.dmp

        Filesize

        16.7MB

        Download

      • memory/1644-46-0x000007FEF2CB0000-0x000007FEF2DC2000-memory.dmp

        Filesize

        1.1MB

        Download