981eeb419fd3ac1a7701cebe39149c89c8ba22a389936e93b3984d9640fdfad8

Analysis

max time kernel
141s
max time network
138s
platform
windows7_x64
resource
win7-20240221-en
resource tags

arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
submitted
04-05-2024 21:58

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

art/sound/engine/0BE1F1A5405C187702AEE893B40ABF5F/EXH_1380.wav
Size

191KB
MD5

9f717e844e1fb630e60c3ac54ff9fdd7
SHA1

ab57f6957ca16402585c352964a2b0a937d03b65
SHA256

09c1168fdcf349c8eaa76034ec005a1576a42d6e9dd01e0bf478ca01072ea015
SHA512

04013039b4252fcb646a33b3a787998d1041ad9e37dc0d78f85da23f1c4bf20c91e50d5e78bfaa0ba9fef31d28bd89cc51dbb1a965b11fe30ade36813075335f
SSDEEP

768:B3O1Mr1h1Y7RN/ekYltZCyV/V1nsIyJOiCRHIdBBZFF+360UdvnkL0+vTogBh2wG:JU

Score

1^/10

Malware Config

Signatures

Suspicious behavior: AddClipboardFormatListener 1 IoCs

pid	Process
2156	vlc.exe

Suspicious behavior: GetForegroundWindowSpam 1 IoCs

pid	Process
2156	vlc.exe

Suspicious use of AdjustPrivilegeToken 2 IoCs

description	pid	Process
Token: 33	2156	vlc.exe
Token: SeIncBasePriorityPrivilege	2156	vlc.exe

Suspicious use of FindShellTrayWindow 8 IoCs

pid	Process
2156	vlc.exe
2156	vlc.exe
2156	vlc.exe
2156	vlc.exe
2156	vlc.exe
2156	vlc.exe
2156	vlc.exe
2156	vlc.exe

Suspicious use of SendNotifyMessage 7 IoCs

pid	Process
2156	vlc.exe
2156	vlc.exe
2156	vlc.exe
2156	vlc.exe
2156	vlc.exe
2156	vlc.exe
2156	vlc.exe

Suspicious use of SetWindowsHookEx 1 IoCs

pid	Process
2156	vlc.exe

C:\Program Files\VideoLAN\VLC\vlc.exe
"C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file "C:\Users\Admin\AppData\Local\Temp\art\sound\engine\0BE1F1A5405C187702AEE893B40ABF5F\EXH_1380.wav"
1⤵
- Suspicious behavior: AddClipboardFormatListener
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of SetWindowsHookEx
PID:2156

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/2156-14-0x000007FEF7FD0000-0x000007FEF7FE1000-memory.dmp

Filesize
68KB

Download
memory/2156-15-0x000007FEF6AC0000-0x000007FEF6CC0000-memory.dmp

Filesize
2.0MB

Download
memory/2156-13-0x000007FEF7FF0000-0x000007FEF800D000-memory.dmp

Filesize
116KB

Download
memory/2156-18-0x000007FEF7F60000-0x000007FEF7F81000-memory.dmp

Filesize
132KB

Download
memory/2156-35-0x000007FEF53E0000-0x000007FEF53F1000-memory.dmp

Filesize
68KB

Download
memory/2156-42-0x000007FEF5100000-0x000007FEF5111000-memory.dmp

Filesize
68KB

Download
memory/2156-47-0x000007FEF4F00000-0x000007FEF4F11000-memory.dmp

Filesize
68KB

Download
memory/2156-50-0x000007FEF4EA0000-0x000007FEF4EB6000-memory.dmp

Filesize
88KB

Download
memory/2156-49-0x000007FEF4EC0000-0x000007FEF4ED1000-memory.dmp

Filesize
68KB

Download
memory/2156-48-0x000007FEF4EE0000-0x000007FEF4EF1000-memory.dmp

Filesize
68KB

Download
memory/2156-44-0x000007FEF4F60000-0x000007FEF50DA000-memory.dmp

Filesize
1.5MB

Download
memory/2156-46-0x000007FEF4F20000-0x000007FEF4F34000-memory.dmp

Filesize
80KB

Download
memory/2156-45-0x000007FEF4F40000-0x000007FEF4F53000-memory.dmp

Filesize
76KB

Download
memory/2156-16-0x000007FEF55A0000-0x000007FEF664B000-memory.dmp

Filesize
16.7MB

Download
memory/2156-43-0x000007FEF50E0000-0x000007FEF50F2000-memory.dmp

Filesize
72KB

Download
memory/2156-41-0x000007FEF5140000-0x000007FEF5155000-memory.dmp

Filesize
84KB

Download
memory/2156-40-0x000007FEF5160000-0x000007FEF5176000-memory.dmp

Filesize
88KB

Download
memory/2156-39-0x000007FEF5180000-0x000007FEF5191000-memory.dmp

Filesize
68KB

Download
memory/2156-38-0x000007FEF51A0000-0x000007FEF51CF000-memory.dmp

Filesize
188KB

Download
memory/2156-37-0x000007FEFB9D0000-0x000007FEFB9E0000-memory.dmp

Filesize
64KB

Download
memory/2156-36-0x000007FEF53C0000-0x000007FEF53D2000-memory.dmp

Filesize
72KB

Download
memory/2156-34-0x000007FEF5400000-0x000007FEF5423000-memory.dmp

Filesize
140KB

Download
memory/2156-33-0x000007FEF6D30000-0x000007FEF6D47000-memory.dmp

Filesize
92KB

Download
memory/2156-32-0x000007FEF5430000-0x000007FEF5454000-memory.dmp

Filesize
144KB

Download
memory/2156-31-0x000007FEF6A50000-0x000007FEF6A78000-memory.dmp

Filesize
160KB

Download
memory/2156-30-0x000007FEF5460000-0x000007FEF54B6000-memory.dmp

Filesize
344KB

Download
memory/2156-29-0x000007FEF6D50000-0x000007FEF6D61000-memory.dmp

Filesize
68KB

Download
memory/2156-28-0x000007FEF54C0000-0x000007FEF552F000-memory.dmp

Filesize
444KB

Download
memory/2156-27-0x000007FEF5530000-0x000007FEF5597000-memory.dmp

Filesize
412KB

Download
memory/2156-25-0x000007FEF6DA0000-0x000007FEF6DB8000-memory.dmp

Filesize
96KB

Download
memory/2156-23-0x000007FEF73B0000-0x000007FEF73CB000-memory.dmp

Filesize
108KB

Download
memory/2156-22-0x000007FEF73D0000-0x000007FEF73E1000-memory.dmp

Filesize
68KB

Download
memory/2156-26-0x000007FEF6D70000-0x000007FEF6DA0000-memory.dmp

Filesize
192KB

Download
memory/2156-24-0x000007FEF7390000-0x000007FEF73A1000-memory.dmp

Filesize
68KB

Download
memory/2156-21-0x000007FEF73F0000-0x000007FEF7401000-memory.dmp

Filesize
68KB

Download
memory/2156-20-0x000007FEF7D90000-0x000007FEF7DA1000-memory.dmp

Filesize
68KB

Download
memory/2156-19-0x000007FEF7F40000-0x000007FEF7F58000-memory.dmp

Filesize
96KB

Download
memory/2156-17-0x000007FEF7F90000-0x000007FEF7FCF000-memory.dmp

Filesize
252KB

Download
memory/2156-12-0x000007FEF81B0000-0x000007FEF81C1000-memory.dmp

Filesize
68KB

Download
memory/2156-11-0x000007FEF81D0000-0x000007FEF81E7000-memory.dmp

Filesize
92KB

Download
memory/2156-8-0x000007FEFC1C0000-0x000007FEFC1D8000-memory.dmp

Filesize
96KB

Download
memory/2156-10-0x000007FEFB850000-0x000007FEFB861000-memory.dmp

Filesize
68KB

Download
memory/2156-9-0x000007FEFB8D0000-0x000007FEFB8E7000-memory.dmp

Filesize
92KB

Download
memory/2156-7-0x000007FEF6650000-0x000007FEF6904000-memory.dmp

Filesize
2.7MB

Download
memory/2156-6-0x000007FEFB870000-0x000007FEFB8A4000-memory.dmp

Filesize
208KB

Download
memory/2156-5-0x000000013FE80000-0x000000013FF78000-memory.dmp

Filesize
992KB

Download