Overview

overview

6

Static

static

3

PinballXP.zip

windows11-21h2-x64

1

FONT.dat

windows11-21h2-x64

3

PINBALL.dat

windows11-21h2-x64

3

PINBALL.mid

windows11-21h2-x64

1

PINBALL2.mid

windows11-21h2-x64

1

SOUND1.wav

windows11-21h2-x64

6

SOUND104.wav

windows11-21h2-x64

6

SOUND105.wav

windows11-21h2-x64

6

SOUND108.wav

windows11-21h2-x64

6

SOUND111.wav

windows11-21h2-x64

6

SOUND112.wav

windows11-21h2-x64

6

SOUND12.wav

windows11-21h2-x64

1

SOUND13.wav

windows11-21h2-x64

6

SOUND131.wav

windows11-21h2-x64

6

SOUND136.wav

windows11-21h2-x64

6

SOUND14.wav

windows11-21h2-x64

6

SOUND16.wav

windows11-21h2-x64

6

SOUND17.wav

windows11-21h2-x64

6

SOUND18.wav

windows11-21h2-x64

1

SOUND181.wav

windows11-21h2-x64

6

SOUND19.wav

windows11-21h2-x64

6

SOUND20.wav

windows11-21h2-x64

6

SOUND21.wav

windows11-21h2-x64

6

SOUND22.wav

windows11-21h2-x64

6

SOUND24.wav

windows11-21h2-x64

6

SOUND240.wav

windows11-21h2-x64

6

SOUND243.wav

windows11-21h2-x64

6

SOUND25.wav

windows11-21h2-x64

6

SOUND26.wav

windows11-21h2-x64

6

SOUND27.wav

windows11-21h2-x64

1

SOUND28.wav

windows11-21h2-x64

6

SOUND29.wav

windows11-21h2-x64

6

Analysis

  • max time kernel
    141s
  • max time network
    94s
  • platform
    windows11-21h2_x64
  • resource
    win11-20240426-en
  • resource tags

    arch:x64arch:x86image:win11-20240426-enlocale:en-usos:windows11-21h2-x64system
  • submitted
    30-04-2024 07:34

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    SOUND18.wav

  • Size

    3KB

  • MD5

    400442c6289e5f757fc6444f49dc728a

  • SHA1

    6d029c7a90a0ba60e22592c9ff7b4c4ef308c6bf

  • SHA256

    12c46563839b43ea562d7ed581b0ee20e8069f3109435ef33a72e24f429e6336

  • SHA512

    e4617d8cd7772099c49f3fc5afb1cb5bfab927476049228354ed092ac9597163cdd4294f1e36a006f19d18b2da2f2de2e0ea5ad5f96284dda155e0369d02ce57

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: AddClipboardFormatListener 1 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of AdjustPrivilegeToken 4 IoCs
  • Suspicious use of FindShellTrayWindow 9 IoCs
  • Suspicious use of SendNotifyMessage 8 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Program Files\VideoLAN\VLC\vlc.exe
    "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file "C:\Users\Admin\AppData\Local\Temp\SOUND18.wav"
    1⤵
    • Suspicious behavior: AddClipboardFormatListener
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    • Suspicious use of SetWindowsHookEx
    PID:2108
  • C:\Windows\system32\AUDIODG.EXE
    C:\Windows\system32\AUDIODG.EXE 0x00000000000004DC 0x00000000000004E0
    1⤵
    • Suspicious use of AdjustPrivilegeToken
    PID:1160

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/2108-6-0x00007FFAD62F0000-0x00007FFAD6324000-memory.dmp

    Filesize

    208KB

    Download

  • memory/2108-5-0x00007FF7C9AC0000-0x00007FF7C9BB8000-memory.dmp

    Filesize

    992KB

    Download

  • memory/2108-14-0x00007FFAD2550000-0x00007FFAD2561000-memory.dmp

    Filesize

    68KB

    Download

  • memory/2108-13-0x00007FFAD2DE0000-0x00007FFAD2DFD000-memory.dmp

    Filesize

    116KB

    Download

  • memory/2108-12-0x00007FFAD62D0000-0x00007FFAD62E1000-memory.dmp

    Filesize

    68KB

    Download

  • memory/2108-16-0x00007FFAD2500000-0x00007FFAD2541000-memory.dmp

    Filesize

    260KB

    Download

  • memory/2108-15-0x00007FFAC0F20000-0x00007FFAC112B000-memory.dmp

    Filesize

    2.0MB

    Download

  • memory/2108-11-0x00007FFAD6A50000-0x00007FFAD6A67000-memory.dmp

    Filesize

    92KB

    Download

  • memory/2108-10-0x00007FFAD7A60000-0x00007FFAD7A71000-memory.dmp

    Filesize

    68KB

    Download

  • memory/2108-21-0x00007FFAD2470000-0x00007FFAD2481000-memory.dmp

    Filesize

    68KB

    Download

  • memory/2108-25-0x00007FFAD23F0000-0x00007FFAD2408000-memory.dmp

    Filesize

    96KB

    Download

  • memory/2108-30-0x00007FFAD1A40000-0x00007FFAD1A97000-memory.dmp

    Filesize

    348KB

    Download

  • memory/2108-24-0x00007FFAD2410000-0x00007FFAD2421000-memory.dmp

    Filesize

    68KB

    Download

  • memory/2108-23-0x00007FFAD2430000-0x00007FFAD244B000-memory.dmp

    Filesize

    108KB

    Download

  • memory/2108-22-0x00007FFAD2450000-0x00007FFAD2461000-memory.dmp

    Filesize

    68KB

    Download

  • memory/2108-17-0x00007FFABFE70000-0x00007FFAC0F20000-memory.dmp

    Filesize

    16.7MB

    Download

  • memory/2108-20-0x00007FFAD2490000-0x00007FFAD24A1000-memory.dmp

    Filesize

    68KB

    Download

  • memory/2108-19-0x00007FFAD24B0000-0x00007FFAD24C8000-memory.dmp

    Filesize

    96KB

    Download

  • memory/2108-18-0x00007FFAD24D0000-0x00007FFAD24F1000-memory.dmp

    Filesize

    132KB

    Download

  • memory/2108-7-0x00007FFAD25B0000-0x00007FFAD2866000-memory.dmp

    Filesize

    2.7MB

    Download

  • memory/2108-29-0x00007FFAD23D0000-0x00007FFAD23E1000-memory.dmp

    Filesize

    68KB

    Download

  • memory/2108-28-0x00007FFAD1AA0000-0x00007FFAD1B1C000-memory.dmp

    Filesize

    496KB

    Download

  • memory/2108-27-0x00007FFAD1B20000-0x00007FFAD1B87000-memory.dmp

    Filesize

    412KB

    Download

  • memory/2108-26-0x00007FFAD2200000-0x00007FFAD2230000-memory.dmp

    Filesize

    192KB

    Download

  • memory/2108-9-0x00007FFAD7CA0000-0x00007FFAD7CB7000-memory.dmp

    Filesize

    92KB

    Download

  • memory/2108-8-0x00007FFADC0B0000-0x00007FFADC0C8000-memory.dmp

    Filesize

    96KB

    Download

  • memory/2108-43-0x00007FFABFE70000-0x00007FFAC0F20000-memory.dmp

    Filesize

    16.7MB

    Download