Overview

overview

6

Static

static

3

TH06 _ The...il.zip

windows7-x64

1

TH06 _ The...il.zip

windows10-2004-x64

1

TH06 ~ The...CM.dat

windows7-x64

3

TH06 ~ The...CM.dat

windows10-2004-x64

3

TH06 ~ The...ED.dat

windows7-x64

3

TH06 ~ The...ED.dat

windows10-2004-x64

3

TH06 ~ The...IN.dat

windows7-x64

3

TH06 ~ The...IN.dat

windows10-2004-x64

3

TH06 ~ The...ST.dat

windows7-x64

3

TH06 ~ The...ST.dat

windows10-2004-x64

3

TH06 ~ The...01.wav

windows7-x64

1

TH06 ~ The...01.wav

windows10-2004-x64

6

TH06 ~ The...03.wav

windows7-x64

1

TH06 ~ The...03.wav

windows10-2004-x64

6

TH06 ~ The...05.wav

windows7-x64

1

TH06 ~ The...05.wav

windows10-2004-x64

6

TH06 ~ The...07.wav

windows7-x64

1

TH06 ~ The...07.wav

windows10-2004-x64

6

TH06 ~ The...09.wav

windows7-x64

1

TH06 ~ The...09.wav

windows10-2004-x64

6

TH06 ~ The...11.wav

windows7-x64

1

TH06 ~ The...11.wav

windows10-2004-x64

6

TH06 ~ The...13.wav

windows7-x64

1

TH06 ~ The...13.wav

windows10-2004-x64

6

TH06 ~ The...15.wav

windows7-x64

1

TH06 ~ The...15.wav

windows10-2004-x64

6

TH06 ~ The...17.wav

windows7-x64

1

TH06 ~ The...17.wav

windows10-2004-x64

6

TH06 ~ The...om.txt

windows7-x64

1

TH06 ~ The...om.txt

windows10-2004-x64

1

TH06 ~ The...00.jpg

windows7-x64

1

TH06 ~ The...00.jpg

windows10-2004-x64

3

Analysis

  • max time kernel
    140s
  • max time network
    139s
  • platform
    windows7_x64
  • resource
    win7-20240508-en
  • resource tags

    arch:x64arch:x86image:win7-20240508-enlocale:en-usos:windows7-x64system
  • submitted
    08/06/2024, 02:36

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    TH06 ~ The Embodiment of Scarlet Devil/kouma/bgm/th06_07.wav

  • Size

    18.0MB

  • MD5

    81aef574a1b49bf2d0ec65318c37d8d9

  • SHA1

    3d69c8521aad9b60991bfbe9a6dc2050c8064257

  • SHA256

    2b42f3c5c629b07354e0045caac8556270ac8868b6e22885343504c8e1eebb6f

  • SHA512

    8bb3f60082bd7dc11821959dde34416b2b62b6c1ab846a48251857e935c24c95f069e4bc9fcb23d30b6404249e555ae51ccdcb677482f79f15dc5653b31c0adc

  • SSDEEP

    393216:77uEQxJlOv4pTnYYxmwf7AuXJ5vAJGmQ9ZbNAiUqOoKVkMI7exFMGg+:7avxJYv4pTYemF+5eGmQ3N9TVKB7MGg+

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: AddClipboardFormatListener 1 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of AdjustPrivilegeToken 2 IoCs
  • Suspicious use of FindShellTrayWindow 9 IoCs
  • Suspicious use of SendNotifyMessage 8 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Program Files\VideoLAN\VLC\vlc.exe
    "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file "C:\Users\Admin\AppData\Local\Temp\TH06 ~ The Embodiment of Scarlet Devil\kouma\bgm\th06_07.wav"
    1⤵
    • Suspicious behavior: AddClipboardFormatListener
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    • Suspicious use of SetWindowsHookEx
    PID:2428

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/2428-6-0x000007FEFAA40000-0x000007FEFAA74000-memory.dmp

    Filesize

    208KB

    Download

  • memory/2428-5-0x000000013F5E0000-0x000000013F6D8000-memory.dmp

    Filesize

    992KB

    Download

  • memory/2428-11-0x000007FEFA470000-0x000007FEFA487000-memory.dmp

    Filesize

    92KB

    Download

  • memory/2428-7-0x000007FEF5C30000-0x000007FEF5EE6000-memory.dmp

    Filesize

    2.7MB

    Download

  • memory/2428-13-0x000007FEFA430000-0x000007FEFA44D000-memory.dmp

    Filesize

    116KB

    Download

  • memory/2428-12-0x000007FEFA450000-0x000007FEFA461000-memory.dmp

    Filesize

    68KB

    Download

  • memory/2428-10-0x000007FEFA490000-0x000007FEFA4A1000-memory.dmp

    Filesize

    68KB

    Download

  • memory/2428-9-0x000007FEFAA90000-0x000007FEFAAA7000-memory.dmp

    Filesize

    92KB

    Download

  • memory/2428-8-0x000007FEFB710000-0x000007FEFB728000-memory.dmp

    Filesize

    96KB

    Download

  • memory/2428-15-0x000007FEFA240000-0x000007FEFA251000-memory.dmp

    Filesize

    68KB

    Download

  • memory/2428-14-0x000007FEF5A20000-0x000007FEF5C2B000-memory.dmp

    Filesize

    2.0MB

    Download

  • memory/2428-16-0x000007FEF71E0000-0x000007FEF7221000-memory.dmp

    Filesize

    260KB

    Download

  • memory/2428-17-0x000007FEF71B0000-0x000007FEF71D1000-memory.dmp

    Filesize

    132KB

    Download

  • memory/2428-18-0x000007FEF7190000-0x000007FEF71A8000-memory.dmp

    Filesize

    96KB

    Download

  • memory/2428-19-0x000007FEF7170000-0x000007FEF7181000-memory.dmp

    Filesize

    68KB

    Download

  • memory/2428-20-0x000007FEF7150000-0x000007FEF7161000-memory.dmp

    Filesize

    68KB

    Download

  • memory/2428-22-0x000007FEF6610000-0x000007FEF662B000-memory.dmp

    Filesize

    108KB

    Download

  • memory/2428-23-0x000007FEF65F0000-0x000007FEF6601000-memory.dmp

    Filesize

    68KB

    Download

  • memory/2428-24-0x000007FEF65D0000-0x000007FEF65E8000-memory.dmp

    Filesize

    96KB

    Download

  • memory/2428-25-0x000007FEF59F0000-0x000007FEF5A20000-memory.dmp

    Filesize

    192KB

    Download

  • memory/2428-21-0x000007FEF6630000-0x000007FEF6641000-memory.dmp

    Filesize

    68KB

    Download

  • memory/2428-27-0x000007FEF5980000-0x000007FEF59E7000-memory.dmp

    Filesize

    412KB

    Download

  • memory/2428-29-0x000007FEF6180000-0x000007FEF6191000-memory.dmp

    Filesize

    68KB

    Download

  • memory/2428-34-0x000007FEF4700000-0x000007FEF4723000-memory.dmp

    Filesize

    140KB

    Download

  • memory/2428-44-0x000007FEF43C0000-0x000007FEF43D2000-memory.dmp

    Filesize

    72KB

    Download

  • memory/2428-43-0x000007FEF43E0000-0x000007FEF43F2000-memory.dmp

    Filesize

    72KB

    Download

  • memory/2428-42-0x000007FEF4400000-0x000007FEF4411000-memory.dmp

    Filesize

    68KB

    Download

  • memory/2428-26-0x000007FEF4780000-0x000007FEF5830000-memory.dmp

    Filesize

    16.7MB

    Download

  • memory/2428-41-0x000007FEF4440000-0x000007FEF4455000-memory.dmp

    Filesize

    84KB

    Download

  • memory/2428-48-0x000007FEF41E0000-0x000007FEF41F1000-memory.dmp

    Filesize

    68KB

    Download

  • memory/2428-50-0x000007FEF41A0000-0x000007FEF41B1000-memory.dmp

    Filesize

    68KB

    Download

  • memory/2428-49-0x000007FEF41C0000-0x000007FEF41D1000-memory.dmp

    Filesize

    68KB

    Download

  • memory/2428-47-0x000007FEF4200000-0x000007FEF4214000-memory.dmp

    Filesize

    80KB

    Download

  • memory/2428-46-0x000007FEF4220000-0x000007FEF4233000-memory.dmp

    Filesize

    76KB

    Download

  • memory/2428-45-0x000007FEF4240000-0x000007FEF43BA000-memory.dmp

    Filesize

    1.5MB

    Download

  • memory/2428-40-0x000007FEF4460000-0x000007FEF4476000-memory.dmp

    Filesize

    88KB

    Download

  • memory/2428-39-0x000007FEF4480000-0x000007FEF4491000-memory.dmp

    Filesize

    68KB

    Download

  • memory/2428-38-0x000007FEF44A0000-0x000007FEF44CF000-memory.dmp

    Filesize

    188KB

    Download

  • memory/2428-37-0x000007FEFAB30000-0x000007FEFAB40000-memory.dmp

    Filesize

    64KB

    Download

  • memory/2428-36-0x000007FEF46C0000-0x000007FEF46D2000-memory.dmp

    Filesize

    72KB

    Download

  • memory/2428-35-0x000007FEF46E0000-0x000007FEF46F1000-memory.dmp

    Filesize

    68KB

    Download

  • memory/2428-33-0x000007FEF4730000-0x000007FEF4748000-memory.dmp

    Filesize

    96KB

    Download

  • memory/2428-32-0x000007FEF4750000-0x000007FEF4774000-memory.dmp

    Filesize

    144KB

    Download

  • memory/2428-31-0x000007FEF5870000-0x000007FEF5898000-memory.dmp

    Filesize

    160KB

    Download

  • memory/2428-30-0x000007FEF58A0000-0x000007FEF58F7000-memory.dmp

    Filesize

    348KB

    Download

  • memory/2428-28-0x000007FEF5900000-0x000007FEF597C000-memory.dmp

    Filesize

    496KB

    Download