Analysis

  • max time kernel
    50s
  • max time network
    37s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240508-en
  • resource tags

    arch:x64, arch:x86, image:win10v2004-20240508-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    26/06/2024, 16:39

General

  • Target

    python-MidiToVirtualPianoMacro-master/CorridorsOfTime.mid

  • Size

    11KB

  • MD5

    249330d2e88ef6fce90a16e446c33d5d

  • SHA1

    84313a86afa035695bd5e56790a09133e8760d75

  • SHA256

    79dff6bced06af2340a45b0b0535eb2770e4ee5bb08dfec789708a8f5307a756

  • SHA512

    dadd3e7510dd67761c274e74b6017e2e19ab25e2f7f46b5e917b882cbef15c4ccc5537ca1270590038e697724fbac5ed4ccacd4a524efe02c3fa7a5f9d4d3264

  • SSDEEP

    192:4byE9i77sm4QEWncMsjgS5LDap6CYZcJ5pDdmaU4DJpq+az6Pw:HEsXT4vWcMsjHZasZMmaJLq+aziw

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: AddClipboardFormatListener 1 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 6 IoCs
  • Suspicious use of SendNotifyMessage 5 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Program Files\VideoLAN\VLC\vlc.exe
    "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file "C:\Users\Admin\AppData\Local\Temp\python-MidiToVirtualPianoMacro-master\CorridorsOfTime.mid"
    • Suspicious behavior: AddClipboardFormatListener
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    • Suspicious use of SetWindowsHookEx
    PID:1528

Network

MITRE ATT&CK Matrix

Downloads

  • memory/1528-5-0x00007FF74D180000-0x00007FF74D278000-memory.dmp (Filesize 992KB)
  • memory/1528-6-0x00007FF9E6380000-0x00007FF9E63B4000-memory.dmp (Filesize 208KB)
  • memory/1528-9-0x00007FF9EA6D0000-0x00007FF9EA6E7000-memory.dmp (Filesize 92KB)
  • memory/1528-13-0x00007FF9E6090000-0x00007FF9E60AD000-memory.dmp (Filesize 116KB)
  • memory/1528-12-0x00007FF9E60B0000-0x00007FF9E60C1000-memory.dmp (Filesize 68KB)
  • memory/1528-11-0x00007FF9E6400000-0x00007FF9E6417000-memory.dmp (Filesize 92KB)
  • memory/1528-10-0x00007FF9E97F0000-0x00007FF9E9801000-memory.dmp (Filesize 68KB)
  • memory/1528-15-0x00007FF9D6E30000-0x00007FF9D703B000-memory.dmp (Filesize 2.0MB)
  • memory/1528-16-0x00007FF9E6020000-0x00007FF9E6061000-memory.dmp (Filesize 260KB)
  • memory/1528-14-0x00007FF9E6070000-0x00007FF9E6081000-memory.dmp (Filesize 68KB)
  • memory/1528-7-0x00007FF9E59B0000-0x00007FF9E5C66000-memory.dmp (Filesize 2.7MB)
  • memory/1528-8-0x00007FF9EB210000-0x00007FF9EB228000-memory.dmp (Filesize 96KB)
  • memory/1528-22-0x00007FF9E5D90000-0x00007FF9E5DA1000-memory.dmp (Filesize 68KB)
  • memory/1528-21-0x00007FF9E5DB0000-0x00007FF9E5DC1000-memory.dmp (Filesize 68KB)
  • memory/1528-20-0x00007FF9E5DD0000-0x00007FF9E5DE1000-memory.dmp (Filesize 68KB)
  • memory/1528-19-0x00007FF9E5E70000-0x00007FF9E5E88000-memory.dmp (Filesize 96KB)
  • memory/1528-18-0x00007FF9E5DF0000-0x00007FF9E5E11000-memory.dmp (Filesize 132KB)
  • memory/1528-17-0x00007FF9D5D80000-0x00007FF9D6E30000-memory.dmp (Filesize 16.7MB)
  • memory/1528-53-0x00007FF9D5D80000-0x00007FF9D6E30000-memory.dmp (Filesize 16.7MB)