5f75d5edd9138b9cc2d0f7284a05bf5b6805ff1d2ded78a4ed886551edbff84e

Resubmissions

06-07-2024 00:42

240706-a2k6vszhpr 3

06-07-2024 00:39

240706-azwvksshpf 3

Analysis

max time kernel
593s
max time network
448s
platform
windows10-2004_x64
resource
win10v2004-20240704-fr
resource tags

arch:x64arch:x86image:win10v2004-20240704-frlocale:fr-fros:windows10-2004-x64systemwindows
submitted
06-07-2024 00:42

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

A Turn Back (Piano).mid
Size

13KB
MD5

ff6fa4dceb059f14560280856390b5e8
SHA1

ec3e123dffeb1814084e90a84f9cc698d30070ba
SHA256

0480e68863c334cead15a00a9461485db0838717cff26ae0960077c7db557c9a
SHA512

69d42f77ea81419875c26cf49b49e8258629d6b3f9ba01940f2085f52009fe1f59ba4eef9d00443624a51b82b3ab390986c43b9bf2a0087ffaa7b90fe0a8050e
SSDEEP

192:2STtoEf6U5Q4jDfH079fL/4Li+xSJFyZuZnrnHasdB0wYz6Cj7GNClCiP:FTtff6bsot/4m+xLZOn5PVCj7GNwH

Score

1^/10

Malware Config

Signatures

Suspicious behavior: AddClipboardFormatListener 1 IoCs

pid	Process
488	vlc.exe

Suspicious behavior: GetForegroundWindowSpam 1 IoCs

pid	Process
488	vlc.exe

Suspicious use of FindShellTrayWindow 10 IoCs

pid	Process
488	vlc.exe
488	vlc.exe
488	vlc.exe
488	vlc.exe
488	vlc.exe
488	vlc.exe
488	vlc.exe
488	vlc.exe
488	vlc.exe
488	vlc.exe

Suspicious use of SendNotifyMessage 9 IoCs

pid	Process
488	vlc.exe
488	vlc.exe
488	vlc.exe
488	vlc.exe
488	vlc.exe
488	vlc.exe
488	vlc.exe
488	vlc.exe
488	vlc.exe

Suspicious use of SetWindowsHookEx 1 IoCs

pid	Process
488	vlc.exe

C:\Program Files\VideoLAN\VLC\vlc.exe
"C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file "C:\Users\Admin\AppData\Local\Temp\A Turn Back (Piano).mid"
1⤵
- Suspicious behavior: AddClipboardFormatListener
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of SetWindowsHookEx
PID:488

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/488-6-0x00007FF8C92E0000-0x00007FF8C9314000-memory.dmp

Filesize
208KB

Download
memory/488-5-0x00007FF71C860000-0x00007FF71C958000-memory.dmp

Filesize
992KB

Download
memory/488-9-0x00007FF8C9860000-0x00007FF8C9877000-memory.dmp

Filesize
92KB

Download
memory/488-14-0x00007FF8C3FA0000-0x00007FF8C3FB1000-memory.dmp

Filesize
68KB

Download
memory/488-13-0x00007FF8C3FC0000-0x00007FF8C3FDD000-memory.dmp

Filesize
116KB

Download
memory/488-12-0x00007FF8C42F0000-0x00007FF8C4301000-memory.dmp

Filesize
68KB

Download
memory/488-15-0x00007FF8B3B50000-0x00007FF8B3D5B000-memory.dmp

Filesize
2.0MB

Download
memory/488-11-0x00007FF8C4310000-0x00007FF8C4327000-memory.dmp

Filesize
92KB

Download
memory/488-10-0x00007FF8C4330000-0x00007FF8C4341000-memory.dmp

Filesize
68KB

Download
memory/488-7-0x00007FF8B40F0000-0x00007FF8B43A6000-memory.dmp

Filesize
2.7MB

Download
memory/488-8-0x00007FF8CA9E0000-0x00007FF8CA9F8000-memory.dmp

Filesize
96KB

Download
memory/488-22-0x00007FF8C3340000-0x00007FF8C3351000-memory.dmp

Filesize
68KB

Download
memory/488-21-0x00007FF8C3360000-0x00007FF8C3371000-memory.dmp

Filesize
68KB

Download
memory/488-20-0x00007FF8C3380000-0x00007FF8C3391000-memory.dmp

Filesize
68KB

Download
memory/488-19-0x00007FF8C3B60000-0x00007FF8C3B78000-memory.dmp

Filesize
96KB

Download
memory/488-18-0x00007FF8C3D60000-0x00007FF8C3D81000-memory.dmp

Filesize
132KB

Download
memory/488-17-0x00007FF8C3A10000-0x00007FF8C3A51000-memory.dmp

Filesize
260KB

Download
memory/488-16-0x00007FF8B2AA0000-0x00007FF8B3B50000-memory.dmp

Filesize
16.7MB

Download
memory/488-25-0x00007FF8B40F0000-0x00007FF8B43A6000-memory.dmp

Filesize
2.7MB

Download
memory/488-34-0x00007FF8B2AA0000-0x00007FF8B3B50000-memory.dmp

Filesize
16.7MB

Download