Overview

overview

7

Static

static

3

reaper716_...ll.exe

windows10-1703-x64

7

$INSTDIR$_....0.zip

windows10-1703-x64

1

$INSTDIR$_....0.zip

windows10-1703-x64

1

$INSTDIR$_...eabank

windows10-1703-x64

3

$INSTDIR$_...xe.wav

windows10-1703-x64

1

$INSTDIR$_...an.wav

windows10-1703-x64

1

$INSTDIR$_...mp.wav

windows10-1703-x64

1

$INSTDIR$_...70.wav

windows10-1703-x64

6

$INSTDIR$_...mp.wav

windows10-1703-x64

1

$INSTDIR$_...70.wav

windows10-1703-x64

1

$INSTDIR$_...in.wav

windows10-1703-x64

1

$INSTDIR$_...xe.wav

windows10-1703-x64

6

$INSTDIR$_...in.wav

windows10-1703-x64

1

$INSTDIR$_...in.wav

windows10-1703-x64

1

$INSTDIR$_...in.wav

windows10-1703-x64

1

$INSTDIR$_...30.wav

windows10-1703-x64

1

$INSTDIR$_...ng.txt

windows10-1703-x64

1

$INSTDIR$_...ic.txt

windows10-1703-x64

1

$INSTDIR$_...an.txt

windows10-1703-x64

1

$INSTDIR$_...or.txt

windows10-1703-x64

1

$INSTDIR$_...an.txt

windows10-1703-x64

1

$INSTDIR$_...an.txt

windows10-1703-x64

1

$INSTDIR$_...or.txt

windows10-1703-x64

1

$INSTDIR$_...or.txt

windows10-1703-x64

1

$INSTDIR$_...an.txt

windows10-1703-x64

1

$INSTDIR$_...or.txt

windows10-1703-x64

1

$INSTDIR$_...or.txt

windows10-1703-x64

1

$INSTDIR$_...or.txt

windows10-1703-x64

1

$INSTDIR$_...an.txt

windows10-1703-x64

1

$INSTDIR$_...ne.txt

windows10-1703-x64

1

$INSTDIR$_...es.txt

windows10-1703-x64

1

$INSTDIR$_... 1.txt

windows10-1703-x64

1

Analysis

  • max time kernel
    1791s
  • max time network
    1581s
  • platform
    windows10-1703_x64
  • resource
    win10-20240404-es
  • resource tags

    arch:x64arch:x86image:win10-20240404-eslocale:es-esos:windows10-1703-x64systemwindows
  • submitted
    20-06-2024 08:57

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    $INSTDIR$_8_/Data/amp_models/Fender Bassman - Tweed Champ.wav

  • Size

    4KB

  • MD5

    1ae37d5cb7fae2fe6a44d705903d1d68

  • SHA1

    dd5509f7e623352aa5249c9ea5fef2ced9602de4

  • SHA256

    396bc77761daac4fc368a1d0c23ab9307941b6f3ea03b2502617c868f15c2b86

  • SHA512

    018d3e0a7c12bbf35a95db636327afb89ae891f47f74276f0ac03ab9b08b2f349185c97a78a015ee13dc0357f3ffa28063a4e81f970db76cd30076f63ffa9a36

  • SSDEEP

    12:g25HJyj+KEBVOSKSuOtQjqzzsE1v6IwrTvaeq+30CdwHW2h05geiEirInmE6LZrh:z4+JBVOxSuhuse2yeq6ExS5PnmRLX

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: AddClipboardFormatListener 1 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of AdjustPrivilegeToken 4 IoCs
  • Suspicious use of FindShellTrayWindow 8 IoCs
  • Suspicious use of SendNotifyMessage 7 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Program Files\VideoLAN\VLC\vlc.exe
    "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file "C:\Users\Admin\AppData\Local\Temp\$INSTDIR$_8_\Data\amp_models\Fender Bassman - Tweed Champ.wav"
    1⤵
    • Suspicious behavior: AddClipboardFormatListener
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    • Suspicious use of SetWindowsHookEx
    PID:3992
  • C:\Windows\system32\AUDIODG.EXE
    C:\Windows\system32\AUDIODG.EXE 0x3fc
    1⤵
    • Suspicious use of AdjustPrivilegeToken
    PID:3148

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/3992-8-0x00007FF9C6830000-0x00007FF9C6864000-memory.dmp

    Filesize

    208KB

    Download

  • memory/3992-7-0x00007FF797AD0000-0x00007FF797BC8000-memory.dmp

    Filesize

    992KB

    Download

  • memory/3992-16-0x00007FF9C3DE0000-0x00007FF9C3DF1000-memory.dmp

    Filesize

    68KB

    Download

  • memory/3992-15-0x00007FF9C3FD0000-0x00007FF9C3FED000-memory.dmp

    Filesize

    116KB

    Download

  • memory/3992-14-0x00007FF9C3FF0000-0x00007FF9C4001000-memory.dmp

    Filesize

    68KB

    Download

  • memory/3992-13-0x00007FF9C4010000-0x00007FF9C4027000-memory.dmp

    Filesize

    92KB

    Download

  • memory/3992-12-0x00007FF9C4370000-0x00007FF9C4381000-memory.dmp

    Filesize

    68KB

    Download

  • memory/3992-11-0x00007FF9C6810000-0x00007FF9C6827000-memory.dmp

    Filesize

    92KB

    Download

  • memory/3992-10-0x00007FF9C70B0000-0x00007FF9C70C8000-memory.dmp

    Filesize

    96KB

    Download

  • memory/3992-9-0x00007FF9C3510000-0x00007FF9C37C6000-memory.dmp

    Filesize

    2.7MB

    Download

  • memory/3992-17-0x00007FF9C3300000-0x00007FF9C350B000-memory.dmp

    Filesize

    2.0MB

    Download

  • memory/3992-24-0x00007FF9C3CE0000-0x00007FF9C3CF1000-memory.dmp

    Filesize

    68KB

    Download

  • memory/3992-26-0x00007FF9C1CA0000-0x00007FF9C1CF7000-memory.dmp

    Filesize

    348KB

    Download

  • memory/3992-25-0x00007FF9C3CC0000-0x00007FF9C3CDB000-memory.dmp

    Filesize

    108KB

    Download

  • memory/3992-23-0x00007FF9C3D00000-0x00007FF9C3D11000-memory.dmp

    Filesize

    68KB

    Download

  • memory/3992-22-0x00007FF9C3D20000-0x00007FF9C3D31000-memory.dmp

    Filesize

    68KB

    Download

  • memory/3992-21-0x00007FF9C3D40000-0x00007FF9C3D58000-memory.dmp

    Filesize

    96KB

    Download

  • memory/3992-20-0x00007FF9C3D60000-0x00007FF9C3D81000-memory.dmp

    Filesize

    132KB

    Download

  • memory/3992-19-0x00007FF9C3D90000-0x00007FF9C3DD1000-memory.dmp

    Filesize

    260KB

    Download

  • memory/3992-18-0x00007FF9B2F00000-0x00007FF9B3FB0000-memory.dmp

    Filesize

    16.7MB

    Download

  • memory/3992-58-0x00007FF9B2F00000-0x00007FF9B3FB0000-memory.dmp

    Filesize

    16.7MB

    Download