Resubmissions
10-08-2024 15:21 240810-srb5bayhqh 6
10-08-2024 15:16 240810-snljksvemn 6
10-08-2024 15:12 240810-slh1nsvdpj 6
Analysis
- max time kernel: 140s
- max time network: 125s
- platform: windows7_x64
- resource: win7-20240705-en
- resource tags: arch:x64 arch:x86 image:win7-20240705-en locale:en-us os:windows7-x64 system
- submitted: 10-08-2024 15:21
Static task
static1
Behavioral task
behavioral1
Sample
Helldivers 2 Main Theme - _A Cup Of Liber-Tea_.mp3
Resource
win7-20240705-en
6 signatures
150 seconds
General
- Target: Helldivers 2 Main Theme - _A Cup Of Liber-Tea_.mp3
- Size: 8.3MB
- MD5: 2f6f56e371da28c646dc1b3108680fc6
- SHA1: 225e019f54fe8ad1b4f544e67bc2a4efd0058e65
- SHA256: 110cc04be2c257d3b64b427bf39c64e1d347b50bc18953d96610a731a5bd98c3
- SHA512: e5b0af1e749f82892e66f1b80fb1fcd181b9fb4ba18d6ce527650ce5828e02f4ac55b8ffc4ed1243cb0dc0dc199433f312903d91c93b39db88ca45108dc02e52
- SSDEEP: 196608:aSY+jtkDyYV58HiqdCdR+kFj4E9HOWy64pZPuyK:aR+jOh58pdy7FsEROWyLOyK
Score
1/10
Malware Config
Signatures
- Suspicious behavior: AddClipboardFormatListener 1 IoCs
  Processes: vlc.exe
  pid   process
  2220  vlc.exe
- Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  Processes: vlc.exe
  pid   process
  2220  vlc.exe
- Suspicious use of AdjustPrivilegeToken 2 IoCs
  Processes: vlc.exe
  description                        pid   process
  Token: 33                          2220  vlc.exe
  Token: SeIncBasePriorityPrivilege  2220  vlc.exe
- Suspicious use of FindShellTrayWindow 6 IoCs
  Processes: vlc.exe
  pid   process
  2220  vlc.exe
  2220  vlc.exe
  2220  vlc.exe
  2220  vlc.exe
  2220  vlc.exe
  2220  vlc.exe
- Suspicious use of SendNotifyMessage 5 IoCs
  Processes: vlc.exe
  pid   process
  2220  vlc.exe
  2220  vlc.exe
  2220  vlc.exe
  2220  vlc.exe
  2220  vlc.exe
- Suspicious use of SetWindowsHookEx 1 IoCs
  Processes: vlc.exe
  pid   process
  2220  vlc.exe
Processes
- C:\Program Files\VideoLAN\VLC\vlc.exe
  "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file "C:\Users\Admin\AppData\Local\Temp\Helldivers 2 Main Theme - _A Cup Of Liber-Tea_.mp3"
  PID:2220
  - Suspicious behavior: AddClipboardFormatListener
  - Suspicious behavior: GetForegroundWindowSpam
  - Suspicious use of AdjustPrivilegeToken
  - Suspicious use of FindShellTrayWindow
  - Suspicious use of SendNotifyMessage
  - Suspicious use of SetWindowsHookEx