86d652f71a24edc2cb107b443572074e8ba104530d980251492616a70fc616a6

Analysis

max time kernel
140s
max time network
122s
platform
windows7_x64
resource
win7-20240705-en
resource tags

arch:x64arch:x86image:win7-20240705-enlocale:en-usos:windows7-x64system
submitted
13/07/2024, 21:49

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

Ebanat508 - Пора.mp3
Size

463KB
MD5

f4a08e398fc526b8bcb6362412e73477
SHA1

013ca07bd929d72421f095970691133f8856bb9f
SHA256

86d652f71a24edc2cb107b443572074e8ba104530d980251492616a70fc616a6
SHA512

5917db9d2902d7cb0e1122ed5eb9d343d4f0fc478833ad6fb0e6dcba30fdd277613fe195289c75bb39315f550451fc8a0017ed6cdf61b0cb5fd2a11beb691f21
SSDEEP

6144:x63hPGDgXeQip95r5e/4m29IeIiPlQdgwXtCJ9kcCPaXOdyiwD1aZr8jG1vvc0e4:xKetpjdeQBI+G9Xt69VXOFzh9c0eZi

Score

1^/10

Malware Config

Signatures

Suspicious behavior: AddClipboardFormatListener 1 IoCs

pid	Process
2748	vlc.exe

Suspicious behavior: GetForegroundWindowSpam 1 IoCs

pid	Process
2748	vlc.exe

Suspicious use of AdjustPrivilegeToken 2 IoCs

description	pid	Process
Token: 33	2748	vlc.exe
Token: SeIncBasePriorityPrivilege	2748	vlc.exe

Suspicious use of FindShellTrayWindow 9 IoCs

pid	Process
2748	vlc.exe
2748	vlc.exe
2748	vlc.exe
2748	vlc.exe
2748	vlc.exe
2748	vlc.exe
2748	vlc.exe
2748	vlc.exe
2748	vlc.exe

Suspicious use of SendNotifyMessage 8 IoCs

pid	Process
2748	vlc.exe
2748	vlc.exe
2748	vlc.exe
2748	vlc.exe
2748	vlc.exe
2748	vlc.exe
2748	vlc.exe
2748	vlc.exe

Suspicious use of SetWindowsHookEx 1 IoCs

pid	Process
2748	vlc.exe

C:\Program Files\VideoLAN\VLC\vlc.exe
"C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file "C:\Users\Admin\AppData\Local\Temp\Ebanat508 - Пора.mp3"
1⤵
- Suspicious behavior: AddClipboardFormatListener
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of SetWindowsHookEx
PID:2748

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/2748-6-0x000007FEF8550000-0x000007FEF8584000-memory.dmp

Filesize
208KB

Download
memory/2748-5-0x000000013F420000-0x000000013F518000-memory.dmp

Filesize
992KB

Download
memory/2748-13-0x000007FEF83A0000-0x000007FEF83BD000-memory.dmp

Filesize
116KB

Download
memory/2748-14-0x000007FEF8380000-0x000007FEF8391000-memory.dmp

Filesize
68KB

Download
memory/2748-9-0x000007FEFB560000-0x000007FEFB577000-memory.dmp

Filesize
92KB

Download
memory/2748-12-0x000007FEF83C0000-0x000007FEF83D1000-memory.dmp

Filesize
68KB

Download
memory/2748-11-0x000007FEF83E0000-0x000007FEF83F7000-memory.dmp

Filesize
92KB

Download
memory/2748-10-0x000007FEF8400000-0x000007FEF8411000-memory.dmp

Filesize
68KB

Download
memory/2748-7-0x000007FEF68D0000-0x000007FEF6B86000-memory.dmp

Filesize
2.7MB

Download
memory/2748-8-0x000007FEFBB60000-0x000007FEFBB78000-memory.dmp

Filesize
96KB

Download
memory/2748-27-0x000007FEF7790000-0x000007FEF77F7000-memory.dmp

Filesize
412KB

Download
memory/2748-26-0x000007FEF7800000-0x000007FEF7830000-memory.dmp

Filesize
192KB

Download
memory/2748-25-0x000007FEF7830000-0x000007FEF7848000-memory.dmp

Filesize
96KB

Download
memory/2748-24-0x000007FEF7850000-0x000007FEF7861000-memory.dmp

Filesize
68KB

Download
memory/2748-23-0x000007FEF7870000-0x000007FEF788B000-memory.dmp

Filesize
108KB

Download
memory/2748-22-0x000007FEF7890000-0x000007FEF78A1000-memory.dmp

Filesize
68KB

Download
memory/2748-21-0x000007FEF78B0000-0x000007FEF78C1000-memory.dmp

Filesize
68KB

Download
memory/2748-20-0x000007FEF82C0000-0x000007FEF82D1000-memory.dmp

Filesize
68KB

Download
memory/2748-19-0x000007FEF82E0000-0x000007FEF82F8000-memory.dmp

Filesize
96KB

Download
memory/2748-18-0x000007FEF8300000-0x000007FEF8321000-memory.dmp

Filesize
132KB

Download
memory/2748-17-0x000007FEF8330000-0x000007FEF8371000-memory.dmp

Filesize
260KB

Download
memory/2748-16-0x000007FEF5610000-0x000007FEF581B000-memory.dmp

Filesize
2.0MB

Download
memory/2748-31-0x000007FEF6FA0000-0x000007FEF6FF7000-memory.dmp

Filesize
348KB

Download
memory/2748-35-0x000007FEF6F50000-0x000007FEF6F7F000-memory.dmp

Filesize
188KB

Download
memory/2748-40-0x000007FEF5180000-0x000007FEF5192000-memory.dmp

Filesize
72KB

Download
memory/2748-39-0x000007FEF51A0000-0x000007FEF51B1000-memory.dmp

Filesize
68KB

Download
memory/2748-38-0x000007FEF51E0000-0x000007FEF51F5000-memory.dmp

Filesize
84KB

Download
memory/2748-37-0x000007FEF6F10000-0x000007FEF6F26000-memory.dmp

Filesize
88KB

Download
memory/2748-36-0x000007FEF6F30000-0x000007FEF6F41000-memory.dmp

Filesize
68KB

Download
memory/2748-15-0x000007FEF5820000-0x000007FEF68D0000-memory.dmp

Filesize
16.7MB

Download
memory/2748-34-0x000007FEF82B0000-0x000007FEF82C0000-memory.dmp

Filesize
64KB

Download
memory/2748-33-0x000007FEF6F80000-0x000007FEF6F97000-memory.dmp

Filesize
92KB

Download
memory/2748-32-0x000007FEF5490000-0x000007FEF5610000-memory.dmp

Filesize
1.5MB

Download
memory/2748-30-0x000007FEF7220000-0x000007FEF7238000-memory.dmp

Filesize
96KB

Download
memory/2748-29-0x000007FEF7240000-0x000007FEF7251000-memory.dmp

Filesize
68KB

Download
memory/2748-28-0x000007FEF7710000-0x000007FEF778C000-memory.dmp

Filesize
496KB

Download
memory/2748-41-0x000007FEF5000000-0x000007FEF517A000-memory.dmp

Filesize
1.5MB

Download