Resubmissions
11/05/2024, 15:50
240511-s9166aha85 611/05/2024, 15:49
240511-s9de4aeb8v 611/05/2024, 15:36
240511-s2c5csdg5y 6Analysis
-
max time kernel
1190s -
max time network
842s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system -
submitted
11/05/2024, 15:49
Static task
static1
Behavioral task
behavioral1
Sample
Black Panther Edit.mp4
Resource
win7-20240221-en
6 signatures
1200 seconds
Behavioral task
behavioral2
Sample
Black Panther Edit.mp4
Resource
win10v2004-20240426-en
3 signatures
1200 seconds
General
-
Target
Black Panther Edit.mp4
-
Size
22.3MB
-
MD5
669c154cf8c331a1d633183437c270be
-
SHA1
ca57aa70e6b8f2da7c6f8c6a50188f8e8294f43f
-
SHA256
a5c904036e2803c988bb3f53b41cbe0684b115ca23d09b1ee07748588a17e6e6
-
SHA512
928e88df4a34c4f68095b87fc159627419f98291e13e75d7764057b9e3a16635f20074bb37ccd3c7883d0d37da39a1bd2452e28fe2ac088bf151b559a5658e80
-
SSDEEP
393216:yDtH5iGz14pJt2pSyhaK1l5f8S97b3k4xLSJndFMWOZ2cl7:yeGRoYSyzV7bUbnEWOZ9
Score
1/10
Malware Config
Signatures
-
Suspicious behavior: AddClipboardFormatListener 1 IoCs
pid Process 2088 vlc.exe -
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
pid Process 2088 vlc.exe -
Suspicious use of AdjustPrivilegeToken 2 IoCs
description pid Process Token: 33 2088 vlc.exe Token: SeIncBasePriorityPrivilege 2088 vlc.exe -
Suspicious use of FindShellTrayWindow 27 IoCs
pid Process 2088 vlc.exe 2088 vlc.exe 2088 vlc.exe 2088 vlc.exe 2088 vlc.exe 2088 vlc.exe 2088 vlc.exe 2088 vlc.exe 2088 vlc.exe 2088 vlc.exe 2088 vlc.exe 2088 vlc.exe 2088 vlc.exe 2088 vlc.exe 2088 vlc.exe 2088 vlc.exe 2088 vlc.exe 2088 vlc.exe 2088 vlc.exe 2088 vlc.exe 2088 vlc.exe 2088 vlc.exe 2088 vlc.exe 2088 vlc.exe 2088 vlc.exe 2088 vlc.exe 2088 vlc.exe -
Suspicious use of SendNotifyMessage 8 IoCs
pid Process 2088 vlc.exe 2088 vlc.exe 2088 vlc.exe 2088 vlc.exe 2088 vlc.exe 2088 vlc.exe 2088 vlc.exe 2088 vlc.exe -
Suspicious use of SetWindowsHookEx 1 IoCs
pid Process 2088 vlc.exe
Processes
-
C:\Program Files\VideoLAN\VLC\vlc.exe"C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file "C:\Users\Admin\AppData\Local\Temp\Black Panther Edit.mp4"1⤵
- Suspicious behavior: AddClipboardFormatListener
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of SetWindowsHookEx
PID:2088