817885516a62ee272a1a1bd1ccd482f72bf6dfc4b7c5a5a8709ac0c1223dfd60

Analysis

max time kernel
144s
max time network
135s
platform
windows10-1703_x64
resource
win10-20240404-en
resource tags

arch:x64arch:x86image:win10-20240404-enlocale:en-usos:windows10-1703-x64system
submitted
16-06-2024 08:12

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

Client.exe
Size

526KB
MD5

90008a05fc6dd984eebbd78f583c234e
SHA1

58bd78b4431386efed54318c25ba3d524a9089bd
SHA256

817885516a62ee272a1a1bd1ccd482f72bf6dfc4b7c5a5a8709ac0c1223dfd60
SHA512

44c47e171db6a9a7c30b5763fae4b54557e57992a8bbf82907a144f45d523585d09c8dca37bccf25c0111ce8955be331196d3bd252a57b6cacd5fdc32a7caca2
SSDEEP

6144:BXhixn/lkI5nXgZWYY6XKe6VlWT8b9VHHo0sp7Xczra52ObsVaxFa:xgxn/7XgZLKPVle8DI0sp7sfaQgS

Score

1^/10

Malware Config

Signatures

Suspicious behavior: AddClipboardFormatListener 1 IoCs

pid	Process
3492	vlc.exe

Suspicious behavior: GetForegroundWindowSpam 1 IoCs

pid	Process
3492	vlc.exe

Suspicious use of FindShellTrayWindow 8 IoCs

pid	Process
3492	vlc.exe
3492	vlc.exe
3492	vlc.exe
3492	vlc.exe
3492	vlc.exe
3492	vlc.exe
3492	vlc.exe
3492	vlc.exe

Suspicious use of SendNotifyMessage 7 IoCs

pid	Process
3492	vlc.exe
3492	vlc.exe
3492	vlc.exe
3492	vlc.exe
3492	vlc.exe
3492	vlc.exe
3492	vlc.exe

Suspicious use of SetWindowsHookEx 1 IoCs

pid	Process
3492	vlc.exe

C:\Users\Admin\AppData\Local\Temp\Client.exe
"C:\Users\Admin\AppData\Local\Temp\Client.exe"
1⤵
PID:4112

C:\Program Files\VideoLAN\VLC\vlc.exe
"C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file "C:\Users\Admin\Desktop\ResumeRead.AAC"
1⤵
- Suspicious behavior: AddClipboardFormatListener
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of SetWindowsHookEx
PID:3492

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/3492-12-0x00007FFF53E60000-0x00007FFF53E77000-memory.dmp

Filesize
92KB

Download
memory/3492-57-0x00007FFF42620000-0x00007FFF436D0000-memory.dmp

Filesize
16.7MB

Download
memory/3492-11-0x00007FFF56640000-0x00007FFF56658000-memory.dmp

Filesize
96KB

Download
memory/3492-9-0x00007FFF56760000-0x00007FFF56794000-memory.dmp

Filesize
208KB

Download
memory/3492-17-0x00007FFF52BE0000-0x00007FFF52BF1000-memory.dmp

Filesize
68KB

Download
memory/3492-16-0x00007FFF536A0000-0x00007FFF536BD000-memory.dmp

Filesize
116KB

Download
memory/3492-15-0x00007FFF536C0000-0x00007FFF536D1000-memory.dmp

Filesize
68KB

Download
memory/3492-10-0x00007FFF52C00000-0x00007FFF52EB6000-memory.dmp

Filesize
2.7MB

Download
memory/3492-14-0x00007FFF53E20000-0x00007FFF53E37000-memory.dmp

Filesize
92KB

Download
memory/3492-18-0x00007FFF436D0000-0x00007FFF438DB000-memory.dmp

Filesize
2.0MB

Download
memory/3492-8-0x00007FF767470000-0x00007FF767568000-memory.dmp

Filesize
992KB

Download
memory/3492-38-0x00007FFF42620000-0x00007FFF436D0000-memory.dmp

Filesize
16.7MB

Download
memory/3492-13-0x00007FFF53E40000-0x00007FFF53E51000-memory.dmp

Filesize
68KB

Download
memory/3492-20-0x00007FFF52B90000-0x00007FFF52BD1000-memory.dmp

Filesize
260KB

Download
memory/3492-26-0x00007FFF52AC0000-0x00007FFF52ADB000-memory.dmp

Filesize
108KB

Download
memory/3492-25-0x00007FFF52AE0000-0x00007FFF52AF1000-memory.dmp

Filesize
68KB

Download
memory/3492-24-0x00007FFF52B00000-0x00007FFF52B11000-memory.dmp

Filesize
68KB

Download
memory/3492-23-0x00007FFF52B20000-0x00007FFF52B31000-memory.dmp

Filesize
68KB

Download
memory/3492-22-0x00007FFF52B40000-0x00007FFF52B58000-memory.dmp

Filesize
96KB

Download
memory/3492-21-0x00007FFF52B60000-0x00007FFF52B81000-memory.dmp

Filesize
132KB

Download
memory/3492-19-0x00007FFF42620000-0x00007FFF436D0000-memory.dmp

Filesize
16.7MB

Download
memory/4112-1-0x00007FFF43B33000-0x00007FFF43B34000-memory.dmp

Filesize
4KB

Download
memory/4112-0-0x0000000000DE0000-0x0000000000E6A000-memory.dmp

Filesize
552KB

Download