Overview

overview

6

Static

static

3

PinballXP.zip

windows11-21h2-x64

1

FONT.dat

windows11-21h2-x64

3

PINBALL.dat

windows11-21h2-x64

3

PINBALL.mid

windows11-21h2-x64

1

PINBALL2.mid

windows11-21h2-x64

1

SOUND1.wav

windows11-21h2-x64

6

SOUND104.wav

windows11-21h2-x64

6

SOUND105.wav

windows11-21h2-x64

6

SOUND108.wav

windows11-21h2-x64

6

SOUND111.wav

windows11-21h2-x64

6

SOUND112.wav

windows11-21h2-x64

6

SOUND12.wav

windows11-21h2-x64

1

SOUND13.wav

windows11-21h2-x64

6

SOUND131.wav

windows11-21h2-x64

6

SOUND136.wav

windows11-21h2-x64

6

SOUND14.wav

windows11-21h2-x64

6

SOUND16.wav

windows11-21h2-x64

6

SOUND17.wav

windows11-21h2-x64

6

SOUND18.wav

windows11-21h2-x64

1

SOUND181.wav

windows11-21h2-x64

6

SOUND19.wav

windows11-21h2-x64

6

SOUND20.wav

windows11-21h2-x64

6

SOUND21.wav

windows11-21h2-x64

6

SOUND22.wav

windows11-21h2-x64

6

SOUND24.wav

windows11-21h2-x64

6

SOUND240.wav

windows11-21h2-x64

6

SOUND243.wav

windows11-21h2-x64

6

SOUND25.wav

windows11-21h2-x64

6

SOUND26.wav

windows11-21h2-x64

6

SOUND27.wav

windows11-21h2-x64

1

SOUND28.wav

windows11-21h2-x64

6

SOUND29.wav

windows11-21h2-x64

6

Analysis

  • max time kernel
    141s
  • max time network
    94s
  • platform
    windows11-21h2_x64
  • resource
    win11-20240426-en
  • resource tags

    arch:x64arch:x86image:win11-20240426-enlocale:en-usos:windows11-21h2-x64system
  • submitted
    30/04/2024, 07:34

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    SOUND27.wav

  • Size

    19KB

  • MD5

    afa9ee18904167c87be0ddd3da6cdca0

  • SHA1

    d403214aeb68ccb48c156332d1e28f60a1864181

  • SHA256

    a56953cf0ff543930fe3d32787b330ff7339e2f8e93b2fff9389cd6a799439e2

  • SHA512

    42bbe4366d533ac0fe06d98fe930c7912395a028e3bb861ff988dccb1382e0a3abb7832bc472f1934e1c090865dc2bb740070dad1724f50462ccf209e31dc032

  • SSDEEP

    384:asyD+4OfSREQCcHxqvWhq8vyIkvIyU387CQwk1O5HG+iCvVRq6GSaiRD4VIH4G:Tv4TRhlHxqlNIkvIFeCtkI5m+iuRquJP

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: AddClipboardFormatListener 1 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of AdjustPrivilegeToken 4 IoCs
  • Suspicious use of FindShellTrayWindow 9 IoCs
  • Suspicious use of SendNotifyMessage 8 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Program Files\VideoLAN\VLC\vlc.exe
    "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file "C:\Users\Admin\AppData\Local\Temp\SOUND27.wav"
    1⤵
    • Suspicious behavior: AddClipboardFormatListener
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    • Suspicious use of SetWindowsHookEx
    PID:3928
  • C:\Windows\system32\AUDIODG.EXE
    C:\Windows\system32\AUDIODG.EXE 0x00000000000004D8 0x00000000000004B8
    1⤵
    • Suspicious use of AdjustPrivilegeToken
    PID:684

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/3928-5-0x00007FF762B40000-0x00007FF762C38000-memory.dmp

    Filesize

    992KB

    Download

  • memory/3928-6-0x00007FFB95560000-0x00007FFB95594000-memory.dmp

    Filesize

    208KB

    Download

  • memory/3928-11-0x00007FFB9A4A0000-0x00007FFB9A4B7000-memory.dmp

    Filesize

    92KB

    Download

  • memory/3928-14-0x00007FFB95400000-0x00007FFB95411000-memory.dmp

    Filesize

    68KB

    Download

  • memory/3928-13-0x00007FFB95680000-0x00007FFB9569D000-memory.dmp

    Filesize

    116KB

    Download

  • memory/3928-16-0x00007FFB953B0000-0x00007FFB953F1000-memory.dmp

    Filesize

    260KB

    Download

  • memory/3928-12-0x00007FFB984D0000-0x00007FFB984E1000-memory.dmp

    Filesize

    68KB

    Download

  • memory/3928-7-0x00007FFB83740000-0x00007FFB839F6000-memory.dmp

    Filesize

    2.7MB

    Download

  • memory/3928-8-0x00007FFB9EC50000-0x00007FFB9EC68000-memory.dmp

    Filesize

    96KB

    Download

  • memory/3928-10-0x00007FFB9A6A0000-0x00007FFB9A6B1000-memory.dmp

    Filesize

    68KB

    Download

  • memory/3928-9-0x00007FFB9EBF0000-0x00007FFB9EC07000-memory.dmp

    Filesize

    92KB

    Download

  • memory/3928-20-0x00007FFB95340000-0x00007FFB95351000-memory.dmp

    Filesize

    68KB

    Download

  • memory/3928-27-0x00007FFB94D20000-0x00007FFB94D87000-memory.dmp

    Filesize

    412KB

    Download

  • memory/3928-29-0x00007FFB94C80000-0x00007FFB94C91000-memory.dmp

    Filesize

    68KB

    Download

  • memory/3928-28-0x00007FFB94CA0000-0x00007FFB94D1C000-memory.dmp

    Filesize

    496KB

    Download

  • memory/3928-26-0x00007FFB94D90000-0x00007FFB94DC0000-memory.dmp

    Filesize

    192KB

    Download

  • memory/3928-17-0x00007FFB82250000-0x00007FFB83300000-memory.dmp

    Filesize

    16.7MB

    Download

  • memory/3928-25-0x00007FFB94DC0000-0x00007FFB94DD8000-memory.dmp

    Filesize

    96KB

    Download

  • memory/3928-24-0x00007FFB94DE0000-0x00007FFB94DF1000-memory.dmp

    Filesize

    68KB

    Download

  • memory/3928-23-0x00007FFB94E00000-0x00007FFB94E1B000-memory.dmp

    Filesize

    108KB

    Download

  • memory/3928-22-0x00007FFB94E20000-0x00007FFB94E31000-memory.dmp

    Filesize

    68KB

    Download

  • memory/3928-21-0x00007FFB95320000-0x00007FFB95331000-memory.dmp

    Filesize

    68KB

    Download

  • memory/3928-30-0x00007FFB94BA0000-0x00007FFB94BF7000-memory.dmp

    Filesize

    348KB

    Download

  • memory/3928-19-0x00007FFB95360000-0x00007FFB95378000-memory.dmp

    Filesize

    96KB

    Download

  • memory/3928-18-0x00007FFB95380000-0x00007FFB953A1000-memory.dmp

    Filesize

    132KB

    Download

  • memory/3928-15-0x00007FFB83300000-0x00007FFB8350B000-memory.dmp

    Filesize

    2.0MB

    Download