981eeb419fd3ac1a7701cebe39149c89c8ba22a389936e93b3984d9640fdfad8

Analysis

max time kernel
141s
max time network
133s
platform
windows7_x64
resource
win7-20240215-en
resource tags

arch:x64arch:x86image:win7-20240215-enlocale:en-usos:windows7-x64system
submitted
04/05/2024, 21:58

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

art/sound/engine/0BE1F1A5405C187702AEE893B40ABF5F/EXH_1476_P.wav
Size

190KB
MD5

3cb8e860cb9f1097926648d86afed647
SHA1

313b6520bf7de941137b1a75cc0ecd6364c26acf
SHA256

1b98906985025cb311cdc724d7c2913fc3142f7b72da771df888453ee3194b92
SHA512

b932ad503939689cd1c8988330075bc861f51a033753dd59bb6356e7cede92d8ba34d028f25c0ac064e6853fe15095efa75675409521c19bd8e9b6c22dc6b535
SSDEEP

3072:GL4BuG++as9Mb4kXnEhKJ5EMQUoiurX1wRoYXbPfwlwsMeZdxeAiYyUpCWvcZj1N:Gs6s9K4CsKJ5ETYLPfMxU5wvA41+sqc6

Score

1^/10

Malware Config

Signatures

Suspicious behavior: AddClipboardFormatListener 1 IoCs

pid	Process
2956	vlc.exe

Suspicious behavior: GetForegroundWindowSpam 1 IoCs

pid	Process
2956	vlc.exe

Suspicious use of AdjustPrivilegeToken 2 IoCs

description	pid	Process
Token: 33	2956	vlc.exe
Token: SeIncBasePriorityPrivilege	2956	vlc.exe

Suspicious use of FindShellTrayWindow 9 IoCs

pid	Process
2956	vlc.exe
2956	vlc.exe
2956	vlc.exe
2956	vlc.exe
2956	vlc.exe
2956	vlc.exe
2956	vlc.exe
2956	vlc.exe
2956	vlc.exe

Suspicious use of SendNotifyMessage 8 IoCs

pid	Process
2956	vlc.exe
2956	vlc.exe
2956	vlc.exe
2956	vlc.exe
2956	vlc.exe
2956	vlc.exe
2956	vlc.exe
2956	vlc.exe

Suspicious use of SetWindowsHookEx 1 IoCs

pid	Process
2956	vlc.exe

C:\Program Files\VideoLAN\VLC\vlc.exe
"C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file "C:\Users\Admin\AppData\Local\Temp\art\sound\engine\0BE1F1A5405C187702AEE893B40ABF5F\EXH_1476_P.wav"
1⤵
- Suspicious behavior: AddClipboardFormatListener
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of SetWindowsHookEx
PID:2956

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/2956-6-0x000007FEF7DD0000-0x000007FEF7E04000-memory.dmp

Filesize
208KB

Download
memory/2956-5-0x000000013F2F0000-0x000000013F3E8000-memory.dmp

Filesize
992KB

Download
memory/2956-8-0x000007FEFBC20000-0x000007FEFBC38000-memory.dmp

Filesize
96KB

Download
memory/2956-13-0x000007FEF7B10000-0x000007FEF7B2D000-memory.dmp

Filesize
116KB

Download
memory/2956-12-0x000007FEF7B30000-0x000007FEF7B41000-memory.dmp

Filesize
68KB

Download
memory/2956-25-0x000007FEF6A10000-0x000007FEF6A40000-memory.dmp

Filesize
192KB

Download
memory/2956-24-0x000007FEF6A40000-0x000007FEF6A58000-memory.dmp

Filesize
96KB

Download
memory/2956-23-0x000007FEF6A60000-0x000007FEF6A71000-memory.dmp

Filesize
68KB

Download
memory/2956-37-0x000007FEFAD50000-0x000007FEFAD60000-memory.dmp

Filesize
64KB

Download
memory/2956-47-0x000007FEF49C0000-0x000007FEF49D6000-memory.dmp

Filesize
88KB

Download
memory/2956-26-0x000007FEF5130000-0x000007FEF61DB000-memory.dmp

Filesize
16.7MB

Download
memory/2956-46-0x000007FEF49E0000-0x000007FEF49F1000-memory.dmp

Filesize
68KB

Download
memory/2956-45-0x000007FEF4A00000-0x000007FEF4A11000-memory.dmp

Filesize
68KB

Download
memory/2956-44-0x000007FEF4A20000-0x000007FEF4A31000-memory.dmp

Filesize
68KB

Download
memory/2956-43-0x000007FEF4A40000-0x000007FEF4A54000-memory.dmp

Filesize
80KB

Download
memory/2956-42-0x000007FEF4A60000-0x000007FEF4A73000-memory.dmp

Filesize
76KB

Download
memory/2956-41-0x000007FEF4A80000-0x000007FEF4BFA000-memory.dmp

Filesize
1.5MB

Download
memory/2956-40-0x000007FEF4C00000-0x000007FEF4C12000-memory.dmp

Filesize
72KB

Download
memory/2956-39-0x000007FEF4C20000-0x000007FEF4C31000-memory.dmp

Filesize
68KB

Download
memory/2956-38-0x000007FEF4CC0000-0x000007FEF4CEF000-memory.dmp

Filesize
188KB

Download
memory/2956-36-0x000007FEF4EE0000-0x000007FEF4EF2000-memory.dmp

Filesize
72KB

Download
memory/2956-35-0x000007FEF4F00000-0x000007FEF4F11000-memory.dmp

Filesize
68KB

Download
memory/2956-34-0x000007FEF4F20000-0x000007FEF4F43000-memory.dmp

Filesize
140KB

Download
memory/2956-33-0x000007FEF4F50000-0x000007FEF4F67000-memory.dmp

Filesize
92KB

Download
memory/2956-32-0x000007FEF4F70000-0x000007FEF4F94000-memory.dmp

Filesize
144KB

Download
memory/2956-31-0x000007FEF4FA0000-0x000007FEF4FC8000-memory.dmp

Filesize
160KB

Download
memory/2956-30-0x000007FEF4FD0000-0x000007FEF5026000-memory.dmp

Filesize
344KB

Download
memory/2956-29-0x000007FEF5030000-0x000007FEF5041000-memory.dmp

Filesize
68KB

Download
memory/2956-28-0x000007FEF5050000-0x000007FEF50BF000-memory.dmp

Filesize
444KB

Download
memory/2956-27-0x000007FEF50C0000-0x000007FEF5127000-memory.dmp

Filesize
412KB

Download
memory/2956-22-0x000007FEF6A80000-0x000007FEF6A9B000-memory.dmp

Filesize
108KB

Download
memory/2956-14-0x000007FEF61E0000-0x000007FEF63E0000-memory.dmp

Filesize
2.0MB

Download
memory/2956-21-0x000007FEF6AA0000-0x000007FEF6AB1000-memory.dmp

Filesize
68KB

Download
memory/2956-20-0x000007FEF6AC0000-0x000007FEF6AD1000-memory.dmp

Filesize
68KB

Download
memory/2956-19-0x000007FEF6AE0000-0x000007FEF6AF1000-memory.dmp

Filesize
68KB

Download
memory/2956-18-0x000007FEF6B00000-0x000007FEF6B18000-memory.dmp

Filesize
96KB

Download
memory/2956-17-0x000007FEF6EF0000-0x000007FEF6F11000-memory.dmp

Filesize
132KB

Download
memory/2956-16-0x000007FEF6F20000-0x000007FEF6F5F000-memory.dmp

Filesize
252KB

Download
memory/2956-15-0x000007FEF6F60000-0x000007FEF6F71000-memory.dmp

Filesize
68KB

Download
memory/2956-7-0x000007FEF63E0000-0x000007FEF6694000-memory.dmp

Filesize
2.7MB

Download
memory/2956-11-0x000007FEF7BC0000-0x000007FEF7BD7000-memory.dmp

Filesize
92KB

Download
memory/2956-10-0x000007FEF7DB0000-0x000007FEF7DC1000-memory.dmp

Filesize
68KB

Download
memory/2956-9-0x000007FEFAD00000-0x000007FEFAD17000-memory.dmp

Filesize
92KB

Download