Overview

overview

6

Static

static

3

PinballXP.zip

windows11-21h2-x64

1

FONT.dat

windows11-21h2-x64

3

PINBALL.dat

windows11-21h2-x64

3

PINBALL.mid

windows11-21h2-x64

1

PINBALL2.mid

windows11-21h2-x64

1

SOUND1.wav

windows11-21h2-x64

6

SOUND104.wav

windows11-21h2-x64

6

SOUND105.wav

windows11-21h2-x64

6

SOUND108.wav

windows11-21h2-x64

6

SOUND111.wav

windows11-21h2-x64

6

SOUND112.wav

windows11-21h2-x64

6

SOUND12.wav

windows11-21h2-x64

1

SOUND13.wav

windows11-21h2-x64

6

SOUND131.wav

windows11-21h2-x64

6

SOUND136.wav

windows11-21h2-x64

6

SOUND14.wav

windows11-21h2-x64

6

SOUND16.wav

windows11-21h2-x64

6

SOUND17.wav

windows11-21h2-x64

6

SOUND18.wav

windows11-21h2-x64

1

SOUND181.wav

windows11-21h2-x64

6

SOUND19.wav

windows11-21h2-x64

6

SOUND20.wav

windows11-21h2-x64

6

SOUND21.wav

windows11-21h2-x64

6

SOUND22.wav

windows11-21h2-x64

6

SOUND24.wav

windows11-21h2-x64

6

SOUND240.wav

windows11-21h2-x64

6

SOUND243.wav

windows11-21h2-x64

6

SOUND25.wav

windows11-21h2-x64

6

SOUND26.wav

windows11-21h2-x64

6

SOUND27.wav

windows11-21h2-x64

1

SOUND28.wav

windows11-21h2-x64

6

SOUND29.wav

windows11-21h2-x64

6

Analysis

  • max time kernel
    142s
  • max time network
    94s
  • platform
    windows11-21h2_x64
  • resource
    win11-20240426-en
  • resource tags

    arch:x64arch:x86image:win11-20240426-enlocale:en-usos:windows11-21h2-x64system
  • submitted
    30/04/2024, 07:34

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    SOUND12.wav

  • Size

    4KB

  • MD5

    e5123c98593aa610e794ce852aecefaf

  • SHA1

    83a2aadf3bf8afaa328f448beaf79df76c7c09f1

  • SHA256

    9902227bb6cedede8636c99688391d1a0a77428193e3a12dd7fb12401a598d5a

  • SHA512

    7219bcad519d0d2d4a7f1df6a591ce0cdad8c968782e6bd93fbd6926f02466c6ffd3996ea3c0323d7facb0de882d42a842c6429443646996ef4f36c6b09f0667

  • SSDEEP

    96:wlE7Ct7zOxg9YqazosVL/bYmJracMgsXN8COkGEAwb12s:mimezJTpJrHo9OJEr7

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: AddClipboardFormatListener 1 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of AdjustPrivilegeToken 4 IoCs
  • Suspicious use of FindShellTrayWindow 8 IoCs
  • Suspicious use of SendNotifyMessage 7 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Program Files\VideoLAN\VLC\vlc.exe
    "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file "C:\Users\Admin\AppData\Local\Temp\SOUND12.wav"
    1⤵
    • Suspicious behavior: AddClipboardFormatListener
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    • Suspicious use of SetWindowsHookEx
    PID:4208
  • C:\Windows\system32\AUDIODG.EXE
    C:\Windows\system32\AUDIODG.EXE 0x00000000000004E8 0x00000000000004E4
    1⤵
    • Suspicious use of AdjustPrivilegeToken
    PID:1712

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/4208-6-0x00007FFF4E600000-0x00007FFF4E634000-memory.dmp

    Filesize

    208KB

    Download

  • memory/4208-5-0x00007FF76DE00000-0x00007FF76DEF8000-memory.dmp

    Filesize

    992KB

    Download

  • memory/4208-13-0x00007FFF4E820000-0x00007FFF4E83D000-memory.dmp

    Filesize

    116KB

    Download

  • memory/4208-14-0x00007FFF4E560000-0x00007FFF4E571000-memory.dmp

    Filesize

    68KB

    Download

  • memory/4208-12-0x00007FFF4EB30000-0x00007FFF4EB41000-memory.dmp

    Filesize

    68KB

    Download

  • memory/4208-15-0x00007FFF4D980000-0x00007FFF4DB8B000-memory.dmp

    Filesize

    2.0MB

    Download

  • memory/4208-9-0x00007FFF538E0000-0x00007FFF538F7000-memory.dmp

    Filesize

    92KB

    Download

  • memory/4208-7-0x00007FFF3CAF0000-0x00007FFF3CDA6000-memory.dmp

    Filesize

    2.7MB

    Download

  • memory/4208-10-0x00007FFF524D0000-0x00007FFF524E1000-memory.dmp

    Filesize

    68KB

    Download

  • memory/4208-11-0x00007FFF51EB0000-0x00007FFF51EC7000-memory.dmp

    Filesize

    92KB

    Download

  • memory/4208-8-0x00007FFF53B80000-0x00007FFF53B98000-memory.dmp

    Filesize

    96KB

    Download

  • memory/4208-25-0x00007FFF4D860000-0x00007FFF4D878000-memory.dmp

    Filesize

    96KB

    Download

  • memory/4208-30-0x00007FFF42C30000-0x00007FFF42C87000-memory.dmp

    Filesize

    348KB

    Download

  • memory/4208-29-0x00007FFF4D7D0000-0x00007FFF4D7E1000-memory.dmp

    Filesize

    68KB

    Download

  • memory/4208-28-0x00007FFF3B790000-0x00007FFF3B80C000-memory.dmp

    Filesize

    496KB

    Download

  • memory/4208-27-0x00007FFF43F30000-0x00007FFF43F97000-memory.dmp

    Filesize

    412KB

    Download

  • memory/4208-26-0x00007FFF4D7F0000-0x00007FFF4D820000-memory.dmp

    Filesize

    192KB

    Download

  • memory/4208-24-0x00007FFF4D920000-0x00007FFF4D931000-memory.dmp

    Filesize

    68KB

    Download

  • memory/4208-23-0x00007FFF4D940000-0x00007FFF4D95B000-memory.dmp

    Filesize

    108KB

    Download

  • memory/4208-22-0x00007FFF4DEE0000-0x00007FFF4DEF1000-memory.dmp

    Filesize

    68KB

    Download

  • memory/4208-21-0x00007FFF4DF00000-0x00007FFF4DF11000-memory.dmp

    Filesize

    68KB

    Download

  • memory/4208-16-0x00007FFF3B810000-0x00007FFF3C8C0000-memory.dmp

    Filesize

    16.7MB

    Download

  • memory/4208-20-0x00007FFF4DF20000-0x00007FFF4DF31000-memory.dmp

    Filesize

    68KB

    Download

  • memory/4208-19-0x00007FFF4E4C0000-0x00007FFF4E4D8000-memory.dmp

    Filesize

    96KB

    Download

  • memory/4208-18-0x00007FFF4E4E0000-0x00007FFF4E501000-memory.dmp

    Filesize

    132KB

    Download

  • memory/4208-17-0x00007FFF4E510000-0x00007FFF4E551000-memory.dmp

    Filesize

    260KB

    Download

  • memory/4208-42-0x00007FFF3B810000-0x00007FFF3C8C0000-memory.dmp

    Filesize

    16.7MB

    Download