Overview

overview

7

Static

static

3

reaper716_...ll.exe

windows10-1703-x64

7

$INSTDIR$_....0.zip

windows10-1703-x64

1

$INSTDIR$_....0.zip

windows10-1703-x64

1

$INSTDIR$_...eabank

windows10-1703-x64

3

$INSTDIR$_...xe.wav

windows10-1703-x64

1

$INSTDIR$_...an.wav

windows10-1703-x64

1

$INSTDIR$_...mp.wav

windows10-1703-x64

1

$INSTDIR$_...70.wav

windows10-1703-x64

6

$INSTDIR$_...mp.wav

windows10-1703-x64

1

$INSTDIR$_...70.wav

windows10-1703-x64

1

$INSTDIR$_...in.wav

windows10-1703-x64

1

$INSTDIR$_...xe.wav

windows10-1703-x64

6

$INSTDIR$_...in.wav

windows10-1703-x64

1

$INSTDIR$_...in.wav

windows10-1703-x64

1

$INSTDIR$_...in.wav

windows10-1703-x64

1

$INSTDIR$_...30.wav

windows10-1703-x64

1

$INSTDIR$_...ng.txt

windows10-1703-x64

1

$INSTDIR$_...ic.txt

windows10-1703-x64

1

$INSTDIR$_...an.txt

windows10-1703-x64

1

$INSTDIR$_...or.txt

windows10-1703-x64

1

$INSTDIR$_...an.txt

windows10-1703-x64

1

$INSTDIR$_...an.txt

windows10-1703-x64

1

$INSTDIR$_...or.txt

windows10-1703-x64

1

$INSTDIR$_...or.txt

windows10-1703-x64

1

$INSTDIR$_...an.txt

windows10-1703-x64

1

$INSTDIR$_...or.txt

windows10-1703-x64

1

$INSTDIR$_...or.txt

windows10-1703-x64

1

$INSTDIR$_...or.txt

windows10-1703-x64

1

$INSTDIR$_...an.txt

windows10-1703-x64

1

$INSTDIR$_...ne.txt

windows10-1703-x64

1

$INSTDIR$_...es.txt

windows10-1703-x64

1

$INSTDIR$_... 1.txt

windows10-1703-x64

1

Analysis

  • max time kernel
    1791s
  • max time network
    1614s
  • platform
    windows10-1703_x64
  • resource
    win10-20240404-es
  • resource tags

    arch:x64arch:x86image:win10-20240404-eslocale:es-esos:windows10-1703-x64systemwindows
  • submitted
    20-06-2024 08:57

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    $INSTDIR$_8_/Data/amp_models/Mesa Boogie Clean - Blackface Twin.wav

  • Size

    4KB

  • MD5

    2f8f67507f48ddcfe4fdd587289e5336

  • SHA1

    accad4f1b2afa14f81a509222a6e54f49af9354f

  • SHA256

    54296c71c65d48cc5faa5de35f2d96fc0fb118b8443a5fb2e9a72d063b3dc178

  • SHA512

    ee87934dd7bea0f20ffbf696fa7c7f9c49ccc07a5d576950552fac1701f0ea6aa79ee2a7bf2830e225f7cd67eec74a18713b378a67b4899fa972a7237ab18315

  • SSDEEP

    6:JtIX4d2C0o+qXhOQWzBXtQLRmJkSP5wfchZ6Ye+y8/CT37JRxTHSIrFKOX/C:DIoRDLhFue/+yuCT37ZBZvC

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: AddClipboardFormatListener 1 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of AdjustPrivilegeToken 4 IoCs
  • Suspicious use of FindShellTrayWindow 9 IoCs
  • Suspicious use of SendNotifyMessage 8 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Program Files\VideoLAN\VLC\vlc.exe
    "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file "C:\Users\Admin\AppData\Local\Temp\$INSTDIR$_8_\Data\amp_models\Mesa Boogie Clean - Blackface Twin.wav"
    1⤵
    • Suspicious behavior: AddClipboardFormatListener
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    • Suspicious use of SetWindowsHookEx
    PID:4004
  • C:\Windows\system32\AUDIODG.EXE
    C:\Windows\system32\AUDIODG.EXE 0x3a4
    1⤵
    • Suspicious use of AdjustPrivilegeToken
    PID:720

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/4004-7-0x00007FF654880000-0x00007FF654978000-memory.dmp

    Filesize

    992KB

    Download

  • memory/4004-8-0x00007FFBDEAD0000-0x00007FFBDEB04000-memory.dmp

    Filesize

    208KB

    Download

  • memory/4004-11-0x00007FFBDEA60000-0x00007FFBDEA77000-memory.dmp

    Filesize

    92KB

    Download

  • memory/4004-16-0x00007FFBDE9C0000-0x00007FFBDE9D1000-memory.dmp

    Filesize

    68KB

    Download

  • memory/4004-15-0x00007FFBDE9E0000-0x00007FFBDE9FD000-memory.dmp

    Filesize

    116KB

    Download

  • memory/4004-14-0x00007FFBDEA00000-0x00007FFBDEA11000-memory.dmp

    Filesize

    68KB

    Download

  • memory/4004-13-0x00007FFBDEA20000-0x00007FFBDEA37000-memory.dmp

    Filesize

    92KB

    Download

  • memory/4004-12-0x00007FFBDEA40000-0x00007FFBDEA51000-memory.dmp

    Filesize

    68KB

    Download

  • memory/4004-9-0x00007FFBDB7B0000-0x00007FFBDBA66000-memory.dmp

    Filesize

    2.7MB

    Download

  • memory/4004-10-0x00007FFBDEA80000-0x00007FFBDEA98000-memory.dmp

    Filesize

    96KB

    Download

  • memory/4004-17-0x00007FFBD9B10000-0x00007FFBD9D1B000-memory.dmp

    Filesize

    2.0MB

    Download

  • memory/4004-19-0x00007FFBDC1C0000-0x00007FFBDC201000-memory.dmp

    Filesize

    260KB

    Download

  • memory/4004-25-0x00007FFBDBF10000-0x00007FFBDBF2B000-memory.dmp

    Filesize

    108KB

    Download

  • memory/4004-24-0x00007FFBDBF30000-0x00007FFBDBF41000-memory.dmp

    Filesize

    68KB

    Download

  • memory/4004-23-0x00007FFBDBF50000-0x00007FFBDBF61000-memory.dmp

    Filesize

    68KB

    Download

  • memory/4004-22-0x00007FFBDBF70000-0x00007FFBDBF81000-memory.dmp

    Filesize

    68KB

    Download

  • memory/4004-21-0x00007FFBDE9A0000-0x00007FFBDE9B8000-memory.dmp

    Filesize

    96KB

    Download

  • memory/4004-20-0x00007FFBDE910000-0x00007FFBDE931000-memory.dmp

    Filesize

    132KB

    Download

  • memory/4004-18-0x00007FFBCB5C0000-0x00007FFBCC670000-memory.dmp

    Filesize

    16.7MB

    Download

  • memory/4004-37-0x00007FFBCB5C0000-0x00007FFBCC670000-memory.dmp

    Filesize

    16.7MB

    Download