Analysis

  • max time kernel
    140s
  • max time network
    125s
  • platform
    windows7_x64
  • resource
    win7-20231129-en
  • resource tags

    arch:x64, arch:x86, image:win7-20231129-en, locale:en-us, os:windows7-x64, system
  • submitted
    10-06-2024 13:24

General

  • Target

    resource/sound/ns_1_09.mp3

  • Size

    17KB

  • MD5

    8974020b160d1cd26c81b03e7fdb8365

  • SHA1

    779e3f2e86ac73a97fe8b4a5e3a11f44c1f5637b

  • SHA256

    bb37db97a313d42c8b602fc6b2436dd06080295ad7f1a87f2cb69244181284c8

  • SHA512

    079212288ff1012fbd6ad0a0613ad6d7b613cb105e423fbaa7901fcb3c155c96d379e22621d4d77774d33126457b464a2b736a233fcfb341677b6f1a4e7070cd

  • SSDEEP

    384:WOFLuhWcMkb8uacb5gTvlCRmYuSN/57gtVJBjP:WWLuYc1ZN5YvY554nBjP

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: AddClipboardFormatListener 1 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of AdjustPrivilegeToken 2 IoCs
  • Suspicious use of FindShellTrayWindow 9 IoCs
  • Suspicious use of SendNotifyMessage 8 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Program Files\VideoLAN\VLC\vlc.exe
    "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file "C:\Users\Admin\AppData\Local\Temp\resource\sound\ns_1_09.mp3"
    • Suspicious behavior: AddClipboardFormatListener
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    • Suspicious use of SetWindowsHookEx
    PID:1704

Network

MITRE ATT&CK Matrix

Downloads
