Analysis

  • max time kernel: 141s
  • max time network: 149s
  • platform: windows10-2004_x64
  • resource: win10v2004-20240709-en
  • resource tags: arch:x64, arch:x86, image:win10v2004-20240709-en, locale:en-us, os:windows10-2004-x64, system
  • submitted: 23-07-2024 06:40

General

  • Target: battuta.flv
  • Size: 21KB
  • MD5: 8274785d42b79444767fb0261746fe91
  • SHA1: 8c26e85bddfe4f24c229468b5faa0b2ad3a05549
  • SHA256: be074196291ccf74b3c4c8bd292f92da99ec37a25dc8af651bd0ba3f0d020349
  • SHA512: df14f6bdb4736d620eee7294d4d4fac5caeb5a382cfd63e0f0afd6779282fa2f498354d221bc7aa1d2c657a0953088bffb253be8c128d2cd9fd5957613eed9bb
  • SSDEEP: 384:Mb4Cr91VOCquEG5CqjQaygy1MFznhPqLPL+IbbjXjn4oppc4gEaq:s1r91h5tCyyVSzST+InH4opWvEb

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: AddClipboardFormatListener 1 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 8 IoCs
  • Suspicious use of SendNotifyMessage 7 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Program Files\VideoLAN\VLC\vlc.exe (PID: 2856)
    Command line: "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file "C:\Users\Admin\AppData\Local\Temp\battuta.flv"
    • Suspicious behavior: AddClipboardFormatListener
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    • Suspicious use of SetWindowsHookEx

Network

MITRE ATT&CK Matrix

Downloads

  • memory/2856-6-0x00007FFE617A0000-0x00007FFE617D4000-memory.dmp (Filesize: 208KB)
  • memory/2856-9-0x00007FFE63FF0000-0x00007FFE64007000-memory.dmp (Filesize: 92KB)
  • memory/2856-13-0x00007FFE5DC60000-0x00007FFE5DC7D000-memory.dmp (Filesize: 116KB)
  • memory/2856-10-0x00007FFE616C0000-0x00007FFE616D1000-memory.dmp (Filesize: 68KB)
  • memory/2856-12-0x00007FFE5DC80000-0x00007FFE5DC91000-memory.dmp (Filesize: 68KB)
  • memory/2856-15-0x00007FFE4ED60000-0x00007FFE4EF6B000-memory.dmp (Filesize: 2.0MB)
  • memory/2856-11-0x00007FFE5E380000-0x00007FFE5E397000-memory.dmp (Filesize: 92KB)
  • memory/2856-7-0x00007FFE4F2F0000-0x00007FFE4F5A6000-memory.dmp (Filesize: 2.7MB)
  • memory/2856-8-0x00007FFE65C20000-0x00007FFE65C38000-memory.dmp (Filesize: 96KB)
  • memory/2856-5-0x00007FF621FC0000-0x00007FF6220B8000-memory.dmp (Filesize: 992KB)
  • memory/2856-23-0x00007FFE552E0000-0x00007FFE552F1000-memory.dmp (Filesize: 68KB)
  • memory/2856-17-0x00007FFE5DA90000-0x00007FFE5DAD1000-memory.dmp (Filesize: 260KB)
  • memory/2856-22-0x00007FFE5D920000-0x00007FFE5D931000-memory.dmp (Filesize: 68KB)
  • memory/2856-21-0x00007FFE5D940000-0x00007FFE5D951000-memory.dmp (Filesize: 68KB)
  • memory/2856-20-0x00007FFE5D960000-0x00007FFE5D971000-memory.dmp (Filesize: 68KB)
  • memory/2856-19-0x00007FFE5D980000-0x00007FFE5D998000-memory.dmp (Filesize: 96KB)
  • memory/2856-18-0x00007FFE5DA60000-0x00007FFE5DA81000-memory.dmp (Filesize: 132KB)
  • memory/2856-14-0x00007FFE5DAE0000-0x00007FFE5DAF1000-memory.dmp (Filesize: 68KB)
  • memory/2856-16-0x00007FFE4DCB0000-0x00007FFE4ED60000-memory.dmp (Filesize: 16.7MB)
  • memory/2856-35-0x00007FFE4DCB0000-0x00007FFE4ED60000-memory.dmp (Filesize: 16.7MB)
  • memory/2856-54-0x00007FFE4DCB0000-0x00007FFE4ED60000-memory.dmp (Filesize: 16.7MB)