Analysis Overview
SHA256
93da68a3c1c40a9f76351b3fa152818e82e0e854459d47c404bffd461334fc6a
Threat Level: Known bad
The file 2023-11-15 20-48-56.mp4 was found to be: Known bad.
Malicious Activity Summary
PrivateLoader
Suspicious behavior: AddClipboardFormatListener
Suspicious behavior: GetForegroundWindowSpam
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of SetWindowsHookEx
MITRE ATT&CK
Analysis: static1
Detonation Overview
Reported
2024-05-09 20:32
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-05-09 20:32
Reported
2024-05-09 20:35
Platform
win7-20240508-ja
Max time kernel
81s
Max time network
17s
Command Line
Signatures
PrivateLoader
Suspicious behavior: AddClipboardFormatListener
| Description | Indicator | Process | Target |
|---|---|---|---|
| N/A | N/A | C:\Program Files\VideoLAN\VLC\vlc.exe | N/A |
Suspicious behavior: GetForegroundWindowSpam
| Description | Indicator | Process | Target |
|---|---|---|---|
| N/A | N/A | C:\Program Files\VideoLAN\VLC\vlc.exe | N/A |
Suspicious use of AdjustPrivilegeToken
| Description | Indicator | Process | Target |
|---|---|---|---|
| Token: 33 | N/A | C:\Program Files\VideoLAN\VLC\vlc.exe | N/A |
| Token: SeIncBasePriorityPrivilege | N/A | C:\Program Files\VideoLAN\VLC\vlc.exe | N/A |
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
| Description | Indicator | Process | Target |
|---|---|---|---|
| N/A | N/A | C:\Program Files\VideoLAN\VLC\vlc.exe | N/A |
| N/A | N/A | C:\Program Files\VideoLAN\VLC\vlc.exe | N/A |
| N/A | N/A | C:\Program Files\VideoLAN\VLC\vlc.exe | N/A |
| N/A | N/A | C:\Program Files\VideoLAN\VLC\vlc.exe | N/A |
| N/A | N/A | C:\Program Files\VideoLAN\VLC\vlc.exe | N/A |
Suspicious use of SetWindowsHookEx
| Description | Indicator | Process | Target |
|---|---|---|---|
| N/A | N/A | C:\Program Files\VideoLAN\VLC\vlc.exe | N/A |
Processes
C:\Program Files\VideoLAN\VLC\vlc.exe
"C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file "C:\Users\Admin\AppData\Local\Temp\2023-11-15 20-48-56.mp4"
Network
Files