Overview

overview

7

Static

static

3

reaper716_...ll.exe

windows10-1703-x64

7

$INSTDIR$_....0.zip

windows10-1703-x64

1

$INSTDIR$_....0.zip

windows10-1703-x64

1

$INSTDIR$_...eabank

windows10-1703-x64

3

$INSTDIR$_...xe.wav

windows10-1703-x64

1

$INSTDIR$_...an.wav

windows10-1703-x64

1

$INSTDIR$_...mp.wav

windows10-1703-x64

1

$INSTDIR$_...70.wav

windows10-1703-x64

6

$INSTDIR$_...mp.wav

windows10-1703-x64

1

$INSTDIR$_...70.wav

windows10-1703-x64

1

$INSTDIR$_...in.wav

windows10-1703-x64

1

$INSTDIR$_...xe.wav

windows10-1703-x64

6

$INSTDIR$_...in.wav

windows10-1703-x64

1

$INSTDIR$_...in.wav

windows10-1703-x64

1

$INSTDIR$_...in.wav

windows10-1703-x64

1

$INSTDIR$_...30.wav

windows10-1703-x64

1

$INSTDIR$_...ng.txt

windows10-1703-x64

1

$INSTDIR$_...ic.txt

windows10-1703-x64

1

$INSTDIR$_...an.txt

windows10-1703-x64

1

$INSTDIR$_...or.txt

windows10-1703-x64

1

$INSTDIR$_...an.txt

windows10-1703-x64

1

$INSTDIR$_...an.txt

windows10-1703-x64

1

$INSTDIR$_...or.txt

windows10-1703-x64

1

$INSTDIR$_...or.txt

windows10-1703-x64

1

$INSTDIR$_...an.txt

windows10-1703-x64

1

$INSTDIR$_...or.txt

windows10-1703-x64

1

$INSTDIR$_...or.txt

windows10-1703-x64

1

$INSTDIR$_...or.txt

windows10-1703-x64

1

$INSTDIR$_...an.txt

windows10-1703-x64

1

$INSTDIR$_...ne.txt

windows10-1703-x64

1

$INSTDIR$_...es.txt

windows10-1703-x64

1

$INSTDIR$_... 1.txt

windows10-1703-x64

1

Analysis

  • max time kernel
    1790s
  • max time network
    1581s
  • platform
    windows10-1703_x64
  • resource
    win10-20240404-es
  • resource tags

    arch:x64arch:x86image:win10-20240404-eslocale:es-esos:windows10-1703-x64systemwindows
  • submitted
    20-06-2024 08:57

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    $INSTDIR$_8_/Data/amp_models/Fender Bassman - Fender Bassman.wav

  • Size

    4KB

  • MD5

    bafd91a6f40032cd8ba1b760fc474c54

  • SHA1

    b710a95cc80fc7a8cfd6a101d7b7e2dec3345438

  • SHA256

    68d325d659b8adf3dbb6a421277d35e5f61dbb1373003a149eb2a3cbdd49be8c

  • SHA512

    d8f5f358cb07f95e2b6f435e78716fe456209c9077e8a2b7d8b018a2ff116d7fe5863f32f18baee66ff9dbedb56d41256fb18bf54f0f6ba21dc7f27af45843b4

  • SSDEEP

    6:Ztouy0p2MTEecBTL7fcs0idGzZybgyL4kERTb4vCtiQxavYSMkLBZpQOPq6Ed:zouy0LE1vcBlzMsy8Npjapl1XbUd

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: AddClipboardFormatListener 1 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of AdjustPrivilegeToken 4 IoCs
  • Suspicious use of FindShellTrayWindow 8 IoCs
  • Suspicious use of SendNotifyMessage 7 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Program Files\VideoLAN\VLC\vlc.exe
    "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file "C:\Users\Admin\AppData\Local\Temp\$INSTDIR$_8_\Data\amp_models\Fender Bassman - Fender Bassman.wav"
    1⤵
    • Suspicious behavior: AddClipboardFormatListener
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    • Suspicious use of SetWindowsHookEx
    PID:3556
  • C:\Windows\system32\AUDIODG.EXE
    C:\Windows\system32\AUDIODG.EXE 0xf8
    1⤵
    • Suspicious use of AdjustPrivilegeToken
    PID:4640

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/3556-8-0x00007FF9BAE80000-0x00007FF9BAEB4000-memory.dmp

    Filesize

    208KB

    Download

  • memory/3556-7-0x00007FF7E9210000-0x00007FF7E9308000-memory.dmp

    Filesize

    992KB

    Download

  • memory/3556-13-0x00007FF9BADD0000-0x00007FF9BADE7000-memory.dmp

    Filesize

    92KB

    Download

  • memory/3556-16-0x00007FF9BAD70000-0x00007FF9BAD81000-memory.dmp

    Filesize

    68KB

    Download

  • memory/3556-15-0x00007FF9BAD90000-0x00007FF9BADAD000-memory.dmp

    Filesize

    116KB

    Download

  • memory/3556-14-0x00007FF9BADB0000-0x00007FF9BADC1000-memory.dmp

    Filesize

    68KB

    Download

  • memory/3556-17-0x00007FF9A7420000-0x00007FF9A762B000-memory.dmp

    Filesize

    2.0MB

    Download

  • memory/3556-9-0x00007FF9B79E0000-0x00007FF9B7C96000-memory.dmp

    Filesize

    2.7MB

    Download

  • memory/3556-10-0x00007FF9BAE30000-0x00007FF9BAE48000-memory.dmp

    Filesize

    96KB

    Download

  • memory/3556-12-0x00007FF9BADF0000-0x00007FF9BAE01000-memory.dmp

    Filesize

    68KB

    Download

  • memory/3556-11-0x00007FF9BAE10000-0x00007FF9BAE27000-memory.dmp

    Filesize

    92KB

    Download

  • memory/3556-19-0x00007FF9B8490000-0x00007FF9B84D1000-memory.dmp

    Filesize

    260KB

    Download

  • memory/3556-25-0x00007FF9B8100000-0x00007FF9B811B000-memory.dmp

    Filesize

    108KB

    Download

  • memory/3556-24-0x00007FF9B8120000-0x00007FF9B8131000-memory.dmp

    Filesize

    68KB

    Download

  • memory/3556-23-0x00007FF9B8140000-0x00007FF9B8151000-memory.dmp

    Filesize

    68KB

    Download

  • memory/3556-22-0x00007FF9B8160000-0x00007FF9B8171000-memory.dmp

    Filesize

    68KB

    Download

  • memory/3556-21-0x00007FF9BAC70000-0x00007FF9BAC88000-memory.dmp

    Filesize

    96KB

    Download

  • memory/3556-20-0x00007FF9BAD40000-0x00007FF9BAD61000-memory.dmp

    Filesize

    132KB

    Download

  • memory/3556-18-0x00007FF9A6370000-0x00007FF9A7420000-memory.dmp

    Filesize

    16.7MB

    Download

  • memory/3556-37-0x00007FF9A6370000-0x00007FF9A7420000-memory.dmp

    Filesize

    16.7MB

    Download

  • memory/3556-56-0x00007FF9A6370000-0x00007FF9A7420000-memory.dmp

    Filesize

    16.7MB

    Download