981eeb419fd3ac1a7701cebe39149c89c8ba22a389936e93b3984d9640fdfad8

Analysis

max time kernel
156s
max time network
151s
platform
windows7_x64
resource
win7-20240221-en
resource tags

arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
submitted
04-05-2024 21:58

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

art/sound/engine/0BE1F1A5405C187702AEE893B40ABF5F/EXH_1476.wav
Size

190KB
MD5

be9bc7f8382029f0978c8961169c4dbd
SHA1

7c77be1cc96317c16364bf2a3f3e9ee7ea0bf055
SHA256

4a5917cb03e80576946a4a207c9efb0537407a688744a62bd5b337c38559ab68
SHA512

5f945cbdf602cc5ec64f6768c460e7883e1983a983fcb73c8aa1d6e1fd3f598b26009221f066ca13cb0c1c6e0317ca2ea7a0471216509534101264c869b75ff2
SSDEEP

768:/hHtoNyn8q+aiiJ95tbLqft2OKmolp2mTDEJLOLRM3RH5ZKmm+8pvI+KoFwqq4DU:foYki74oFgEEI9iPm4T

Score

1^/10

Malware Config

Signatures

Suspicious behavior: AddClipboardFormatListener 1 IoCs

pid	Process
2564	vlc.exe

Suspicious behavior: GetForegroundWindowSpam 1 IoCs

pid	Process
2564	vlc.exe

Suspicious use of AdjustPrivilegeToken 2 IoCs

description	pid	Process
Token: 33	2564	vlc.exe
Token: SeIncBasePriorityPrivilege	2564	vlc.exe

Suspicious use of FindShellTrayWindow 8 IoCs

pid	Process
2564	vlc.exe
2564	vlc.exe
2564	vlc.exe
2564	vlc.exe
2564	vlc.exe
2564	vlc.exe
2564	vlc.exe
2564	vlc.exe

Suspicious use of SendNotifyMessage 7 IoCs

pid	Process
2564	vlc.exe
2564	vlc.exe
2564	vlc.exe
2564	vlc.exe
2564	vlc.exe
2564	vlc.exe
2564	vlc.exe

Suspicious use of SetWindowsHookEx 1 IoCs

pid	Process
2564	vlc.exe

C:\Program Files\VideoLAN\VLC\vlc.exe
"C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file "C:\Users\Admin\AppData\Local\Temp\art\sound\engine\0BE1F1A5405C187702AEE893B40ABF5F\EXH_1476.wav"
1⤵
- Suspicious behavior: AddClipboardFormatListener
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of SetWindowsHookEx
PID:2564

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/2564-6-0x000007FEF7D30000-0x000007FEF7D64000-memory.dmp

Filesize
208KB

Download
memory/2564-5-0x000000013F3B0000-0x000000013F4A8000-memory.dmp

Filesize
992KB

Download
memory/2564-8-0x000007FEFBE50000-0x000007FEFBE68000-memory.dmp

Filesize
96KB

Download
memory/2564-9-0x000007FEFB790000-0x000007FEFB7A7000-memory.dmp

Filesize
92KB

Download
memory/2564-11-0x000007FEF7E00000-0x000007FEF7E17000-memory.dmp

Filesize
92KB

Download
memory/2564-10-0x000007FEFB730000-0x000007FEFB741000-memory.dmp

Filesize
68KB

Download
memory/2564-12-0x000007FEF7DC0000-0x000007FEF7DD1000-memory.dmp

Filesize
68KB

Download
memory/2564-14-0x000007FEF7CF0000-0x000007FEF7D01000-memory.dmp

Filesize
68KB

Download
memory/2564-13-0x000007FEF7D10000-0x000007FEF7D2D000-memory.dmp

Filesize
116KB

Download
memory/2564-7-0x000007FEF6380000-0x000007FEF6634000-memory.dmp

Filesize
2.7MB

Download
memory/2564-18-0x000007FEF7B70000-0x000007FEF7B88000-memory.dmp

Filesize
96KB

Download
memory/2564-15-0x000007FEF6180000-0x000007FEF6380000-memory.dmp

Filesize
2.0MB

Download
memory/2564-17-0x000007FEF7B90000-0x000007FEF7BB1000-memory.dmp

Filesize
132KB

Download
memory/2564-19-0x000007FEF7B50000-0x000007FEF7B61000-memory.dmp

Filesize
68KB

Download
memory/2564-16-0x000007FEF7BC0000-0x000007FEF7BFF000-memory.dmp

Filesize
252KB

Download
memory/2564-22-0x000007FEF7000000-0x000007FEF7011000-memory.dmp

Filesize
68KB

Download
memory/2564-21-0x000007FEF7B30000-0x000007FEF7B41000-memory.dmp

Filesize
68KB

Download
memory/2564-24-0x000007FEF6FC0000-0x000007FEF6FD1000-memory.dmp

Filesize
68KB

Download
memory/2564-27-0x000007FEF6A20000-0x000007FEF6A87000-memory.dmp

Filesize
412KB

Download
memory/2564-30-0x000007FEF5070000-0x000007FEF50C6000-memory.dmp

Filesize
344KB

Download
memory/2564-29-0x000007FEF6B00000-0x000007FEF6B11000-memory.dmp

Filesize
68KB

Download
memory/2564-28-0x000007FEF69B0000-0x000007FEF6A1F000-memory.dmp

Filesize
444KB

Download
memory/2564-26-0x000007FEF6A90000-0x000007FEF6AC0000-memory.dmp

Filesize
192KB

Download
memory/2564-31-0x000007FEF5040000-0x000007FEF5068000-memory.dmp

Filesize
160KB

Download
memory/2564-25-0x000007FEF6FA0000-0x000007FEF6FB8000-memory.dmp

Filesize
96KB

Download
memory/2564-23-0x000007FEF6FE0000-0x000007FEF6FFB000-memory.dmp

Filesize
108KB

Download
memory/2564-32-0x000007FEF5010000-0x000007FEF5034000-memory.dmp

Filesize
144KB

Download
memory/2564-33-0x000007FEF4FF0000-0x000007FEF5007000-memory.dmp

Filesize
92KB

Download
memory/2564-34-0x000007FEF4FC0000-0x000007FEF4FE3000-memory.dmp

Filesize
140KB

Download
memory/2564-35-0x000007FEF4FA0000-0x000007FEF4FB1000-memory.dmp

Filesize
68KB

Download
memory/2564-36-0x000007FEF4F80000-0x000007FEF4F92000-memory.dmp

Filesize
72KB

Download
memory/2564-37-0x000007FEF4F50000-0x000007FEF4F71000-memory.dmp

Filesize
132KB

Download
memory/2564-39-0x000007FEFB820000-0x000007FEFB830000-memory.dmp

Filesize
64KB

Download
memory/2564-38-0x000007FEF4F30000-0x000007FEF4F43000-memory.dmp

Filesize
76KB

Download
memory/2564-40-0x000007FEF4D60000-0x000007FEF4D8F000-memory.dmp

Filesize
188KB

Download
memory/2564-43-0x000007FEF4D00000-0x000007FEF4D15000-memory.dmp

Filesize
84KB

Download
memory/2564-45-0x000007FEF4CA0000-0x000007FEF4CB2000-memory.dmp

Filesize
72KB

Download
memory/2564-44-0x000007FEF4CC0000-0x000007FEF4CD1000-memory.dmp

Filesize
68KB

Download
memory/2564-42-0x000007FEF4D20000-0x000007FEF4D36000-memory.dmp

Filesize
88KB

Download
memory/2564-41-0x000007FEF4D40000-0x000007FEF4D51000-memory.dmp

Filesize
68KB

Download
memory/2564-48-0x000007FEF4AE0000-0x000007FEF4AF4000-memory.dmp

Filesize
80KB

Download
memory/2564-46-0x000007FEF4B20000-0x000007FEF4C9A000-memory.dmp

Filesize
1.5MB

Download
memory/2564-20-0x000007FEF50D0000-0x000007FEF617B000-memory.dmp

Filesize
16.7MB

Download
memory/2564-52-0x000007FEF4A60000-0x000007FEF4A76000-memory.dmp

Filesize
88KB

Download
memory/2564-51-0x000007FEF4A80000-0x000007FEF4A91000-memory.dmp

Filesize
68KB

Download
memory/2564-50-0x000007FEF4AA0000-0x000007FEF4AB1000-memory.dmp

Filesize
68KB

Download
memory/2564-49-0x000007FEF4AC0000-0x000007FEF4AD1000-memory.dmp

Filesize
68KB

Download
memory/2564-47-0x000007FEF4B00000-0x000007FEF4B13000-memory.dmp

Filesize
76KB

Download