Overview

overview

10

Static

static

3

payload.exe

windows7-x64

1

payload.exe

windows10-2004-x64

10

Analysis

  • max time kernel
    117s
  • max time network
    118s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    27-04-2024 19:27

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    payload.exe

  • Size

    422KB

  • MD5

    03750d84804cd05a1e7366dd52e67f71

  • SHA1

    c64e12d70a131e168d54e4074c3a11668779381d

  • SHA256

    9ce8c75892fbdc4793558467d98e05b17459cdce4078b0fb7c270495d195d747

  • SHA512

    bcffeebef54e05fac8b7ef3c8d491a686c8de0f5a00f8bf94f9486fb5091e1a916bc491256bf58a6751f9d128c4d9148bad97a3d459976862f26104d6988e4f7

  • SSDEEP

    6144:29KDb7RpkvFCCTnOPivspTpwlHe6EiZ1gFrzTt8ceX7seXztApIvejJXcxQC:zb7RpkMCsppwlRgFXG9XdtOp5ciC

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: AddClipboardFormatListener 1 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 21 IoCs
  • Suspicious use of SendNotifyMessage 20 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\payload.exe
    "C:\Users\Admin\AppData\Local\Temp\payload.exe"
    1⤵
      PID:2304
    • C:\Program Files\VideoLAN\VLC\vlc.exe
      "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file "C:\Users\Admin\Desktop\WaitSubmit.m4v"
      1⤵
      • Suspicious behavior: AddClipboardFormatListener
      • Suspicious behavior: GetForegroundWindowSpam
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of SendNotifyMessage
      • Suspicious use of SetWindowsHookEx
      PID:2948

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • C:\Users\Admin\AppData\Roaming\vlc\vlc-qt-interface.ini
      Filesize

      75B

      MD5

      8085bf66be08d31417a005cd1bb36a92

      SHA1

      ca79f71ea0c26844ed6695d2909258f2cfd55f39

      SHA256

      70088cb0f30c75b270bec6251e51d856df711c35db79b057ddd0734a6a57e0c2

      SHA512

      584f9dec5bef23833b50eb8c53c6ce3f3056602093b032b38b22ab453b20206b81e8faa0555a0f19809d250c27d45baf42531c1ac649c14522dbaa6a3540e539

      Download Submit
    • memory/2304-0-0x0000000000E40000-0x0000000000EAE000-memory.dmp
      Filesize

      440KB

      Download
    • memory/2948-28-0x000000013F720000-0x000000013F818000-memory.dmp
      Filesize

      992KB

      Download
    • memory/2948-29-0x000007FEF7150000-0x000007FEF7184000-memory.dmp
      Filesize

      208KB

      Download
    • memory/2948-30-0x000007FEF5550000-0x000007FEF5804000-memory.dmp
      Filesize

      2.7MB

      Download
    • memory/2948-31-0x000007FEF41E0000-0x000007FEF528B000-memory.dmp
      Filesize

      16.7MB

      Download