Analysis

  • max time kernel
    148s
  • max time network
    122s
  • platform
    windows7_x64
  • resource
    win7-20240508-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240508-en, locale:en-us, os:windows7-x64, system
  • submitted
    30-05-2024 23:07

General

  • Target

    RegisterComplete.ram

  • Size

    634KB

  • MD5

    bfb53d968348d8270a61a72d8b1e51d9

  • SHA1

    3555dbcbe330fbf8afc1760abe311e5a6bd2c677

  • SHA256

    cc0391cb346bcb158a2123ab555f055479597fd8d745e4ca8b3074b05e04e1f7

  • SHA512

    613c91455673c2c5b7c1f3780ff688dba8c69a9e1817532e4f58334cd9ec585d841d4cf454af78f6422bebfc13326ad6a00af62b750445754d91e2fe04777dc9

  • SSDEEP

    12288:HxFAlnEeETyWhoYv6C+DTAYA3kEMmYWQcUjdN7ZyXE7Nmju:RunEeETyuoM6C2AYA0EMKQc+jA3ju

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: AddClipboardFormatListener 1 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 64 IoCs
  • Suspicious use of SendNotifyMessage 64 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Program Files\VideoLAN\VLC\vlc.exe
    "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file "C:\Users\Admin\AppData\Local\Temp\RegisterComplete.ram"
    • Suspicious behavior: AddClipboardFormatListener
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    • Suspicious use of SetWindowsHookEx
    PID:2096

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\vlc\vlc-qt-interface.ini.lock

    Filesize

    18B

    MD5

    17539fce4ca24b7bc320ce26e3241cf4

    SHA1

    7c25a321700ae6e578af8ad5c3979cadd32af7a7

    SHA256

    e34e60f9750d52074f459930e1bdc3ca27cb2602205f7a3d2fee7bcfb42de157

    SHA512

    0018b920e553825661c60ef158332dd3e6e9e84be0187fcf88df6b43e8f8e7a36d8bf7cc0e9f5270e55ef19a88ffe8cc9a017b47e06e8c6588ab91556a147a12
