Analysis

  • max time kernel
    140s
  • max time network
    122s
  • platform
    windows7_x64
  • resource
    win7-20240708-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240708-en, locale:en-us, os:windows7-x64, system
  • submitted
    23-07-2024 06:40

General

  • Target

    battuta.flv

  • Size

    21KB

  • MD5

    8274785d42b79444767fb0261746fe91

  • SHA1

    8c26e85bddfe4f24c229468b5faa0b2ad3a05549

  • SHA256

    be074196291ccf74b3c4c8bd292f92da99ec37a25dc8af651bd0ba3f0d020349

  • SHA512

    df14f6bdb4736d620eee7294d4d4fac5caeb5a382cfd63e0f0afd6779282fa2f498354d221bc7aa1d2c657a0953088bffb253be8c128d2cd9fd5957613eed9bb

  • SSDEEP

    384:Mb4Cr91VOCquEG5CqjQaygy1MFznhPqLPL+IbbjXjn4oppc4gEaq:s1r91h5tCyyVSzST+InH4opWvEb

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: AddClipboardFormatListener 1 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 3 IoCs
  • Suspicious use of SendNotifyMessage 2 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Program Files\VideoLAN\VLC\vlc.exe
    "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file "C:\Users\Admin\AppData\Local\Temp\battuta.flv"
    • Suspicious behavior: AddClipboardFormatListener
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    • Suspicious use of SetWindowsHookEx
    PID:2640

Network

MITRE ATT&CK Matrix

Downloads
