Malware Analysis Report

2025-08-05 15:54

Sample ID: 240529-skydzaab41
Target: zbxl.zip
SHA256: eafd8f574ea7fd0f345eaa19eae8d0d78d5323c8154592c850a2d78a86817744
Tags: (none)
Score: 1/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

Score: 1/10

SHA256: eafd8f574ea7fd0f345eaa19eae8d0d78d5323c8154592c850a2d78a86817744

Threat Level: No (potentially) malicious behavior was detected

Verdict for zbxl.zip: no (potentially) malicious behavior was detected.

Malicious Activity Summary

Suspicious behavior: AddClipboardFormatListener

Suspicious behavior: GetForegroundWindowSpam

Suspicious use of FindShellTrayWindow

Suspicious use of SendNotifyMessage

Suspicious use of SetWindowsHookEx

MITRE ATT&CK

N/A

Analysis: static1

Detonation Overview

Reported: 2024-05-29 15:12

Signatures

N/A

Analysis: behavioral1

Detonation Overview

Submitted: 2024-05-29 15:11

Reported: 2024-05-29 15:13

Platform: win7-20240508-en

Max time kernel: 22s

Max time network: 24s

Command Line

C:\Windows\Explorer.exe /idlist,,C:\Users\Admin\AppData\Local\Temp\zbxl.zip

Signatures

Suspicious behavior: AddClipboardFormatListener

Description: N/A
Indicator: N/A
Process: C:\Program Files\VideoLAN\VLC\vlc.exe
Target: N/A

Suspicious behavior: GetForegroundWindowSpam

Description: N/A
Indicator: N/A
Process: C:\Program Files\VideoLAN\VLC\vlc.exe
Target: N/A

Suspicious use of SetWindowsHookEx

Description: N/A
Indicator: N/A
Process: C:\Program Files\VideoLAN\VLC\vlc.exe
Target: N/A

Processes

Process: C:\Windows\Explorer.exe
Command line: C:\Windows\Explorer.exe /idlist,,C:\Users\Admin\AppData\Local\Temp\zbxl.zip

Process: C:\Program Files\VideoLAN\VLC\vlc.exe
Command line: "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file "C:\Users\Admin\Desktop\CompressExpand.m4v"

Process: C:\Windows\explorer.exe
Command line: "C:\Windows\explorer.exe"

Network

N/A

Files

memory/2672-23-0x000007FEF8560000-0x000007FEF8594000-memory.dmp

memory/2672-22-0x000000013F770000-0x000000013F868000-memory.dmp

memory/2672-24-0x000007FEF60B0000-0x000007FEF6366000-memory.dmp

memory/2672-25-0x000007FEF5000000-0x000007FEF60B0000-memory.dmp