3873f27c4a28bad9f4b6be23d7cca31594fa9f0fd4da4636c5427e6064d7a32e

Analysis

max time kernel
20s
max time network
17s
platform
windows10-1703_x64
resource
win10-20240404-en
resource tags

arch:x64arch:x86image:win10-20240404-enlocale:en-usos:windows10-1703-x64system
submitted
01-05-2024 21:31

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

sounds/hi.mp3
Size

43KB
MD5

5765e6e7e53ce2b479228909916eec8c
SHA1

2220fb6d874f0aa2d3f40de2e5b7bfe011e52bbc
SHA256

a67edfe1aa67a960bc47404745d7513f19d8e747044d4d258e0edf3eac077759
SHA512

5fc2f707132aaeef2792c6e357ccd37327a295b738ed939e8085234ffcbf1b5b4f85706297930818a153fc38d4db1fa3cb2787e15db1456110ba13d945525fea
SSDEEP

768:Lt3WwmLXsGH6zbepgymQxpEcy3d4Ul2encHU111pA7fwCC7uH9Us4Pazo4iA:Z3Zmr9azON7xec6dVl2Uc0111UflyuHp

Score

1^/10

Malware Config

Signatures

Suspicious behavior: AddClipboardFormatListener 1 IoCs

pid	Process
2584	vlc.exe

Suspicious behavior: GetForegroundWindowSpam 1 IoCs

pid	Process
2584	vlc.exe

Suspicious use of AdjustPrivilegeToken 4 IoCs

description	pid	Process
Token: 33	4656	AUDIODG.EXE
Token: SeIncBasePriorityPrivilege	4656	AUDIODG.EXE
Token: 33	2584	vlc.exe
Token: SeIncBasePriorityPrivilege	2584	vlc.exe

Suspicious use of FindShellTrayWindow 8 IoCs

pid	Process
2584	vlc.exe
2584	vlc.exe
2584	vlc.exe
2584	vlc.exe
2584	vlc.exe
2584	vlc.exe
2584	vlc.exe
2584	vlc.exe

Suspicious use of SendNotifyMessage 7 IoCs

pid	Process
2584	vlc.exe
2584	vlc.exe
2584	vlc.exe
2584	vlc.exe
2584	vlc.exe
2584	vlc.exe
2584	vlc.exe

Suspicious use of SetWindowsHookEx 1 IoCs

pid	Process
2584	vlc.exe

C:\Program Files\VideoLAN\VLC\vlc.exe
"C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file "C:\Users\Admin\AppData\Local\Temp\sounds\hi.mp3"
1⤵
- Suspicious behavior: AddClipboardFormatListener
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of SetWindowsHookEx
PID:2584

C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x3c8
1⤵
- Suspicious use of AdjustPrivilegeToken
PID:4656

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/2584-8-0x00007FFD307E0000-0x00007FFD30814000-memory.dmp

Filesize
208KB

Download
memory/2584-7-0x00007FF776970000-0x00007FF776A68000-memory.dmp

Filesize
992KB

Download
memory/2584-16-0x00007FFD30140000-0x00007FFD30151000-memory.dmp

Filesize
68KB

Download
memory/2584-15-0x00007FFD30160000-0x00007FFD3017D000-memory.dmp

Filesize
116KB

Download
memory/2584-14-0x00007FFD30470000-0x00007FFD30481000-memory.dmp

Filesize
68KB

Download
memory/2584-13-0x00007FFD30490000-0x00007FFD304A7000-memory.dmp

Filesize
92KB

Download
memory/2584-12-0x00007FFD304B0000-0x00007FFD304C1000-memory.dmp

Filesize
68KB

Download
memory/2584-11-0x00007FFD307C0000-0x00007FFD307D7000-memory.dmp

Filesize
92KB

Download
memory/2584-10-0x00007FFD337D0000-0x00007FFD337E8000-memory.dmp

Filesize
96KB

Download
memory/2584-17-0x00007FFD20CA0000-0x00007FFD20EAB000-memory.dmp

Filesize
2.0MB

Download
memory/2584-9-0x00007FFD2FAC0000-0x00007FFD2FD76000-memory.dmp

Filesize
2.7MB

Download
memory/2584-26-0x00007FFD1E1E0000-0x00007FFD1E1F7000-memory.dmp

Filesize
92KB

Download
memory/2584-25-0x00007FFD2F9F0000-0x00007FFD2FA0B000-memory.dmp

Filesize
108KB

Download
memory/2584-24-0x00007FFD2FA10000-0x00007FFD2FA21000-memory.dmp

Filesize
68KB

Download
memory/2584-23-0x00007FFD2FA30000-0x00007FFD2FA41000-memory.dmp

Filesize
68KB

Download
memory/2584-22-0x00007FFD2FA50000-0x00007FFD2FA61000-memory.dmp

Filesize
68KB

Download
memory/2584-21-0x00007FFD2FA70000-0x00007FFD2FA88000-memory.dmp

Filesize
96KB

Download
memory/2584-20-0x00007FFD2FA90000-0x00007FFD2FAB1000-memory.dmp

Filesize
132KB

Download
memory/2584-19-0x00007FFD300F0000-0x00007FFD30131000-memory.dmp

Filesize
260KB

Download
memory/2584-18-0x00007FFD1FBF0000-0x00007FFD20CA0000-memory.dmp

Filesize
16.7MB

Download
memory/2584-38-0x00007FFD1FBF0000-0x00007FFD20CA0000-memory.dmp

Filesize
16.7MB

Download