17ec52a9f20256c5614fd998a809b14446c9bfb88996e6c99c475b01dcb40f99

Analysis

max time kernel
128s
max time network
123s
platform
windows7_x64
resource
win7-20240708-en
resource tags

arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
submitted
11/08/2024, 16:26

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

WhatsApp Ses 2024-08-04 saat 01.48.47_76a23153.mp3
Size

43KB
MD5

c57ecf4a5ffcf87567b3a6f5bc441d23
SHA1

b73adfb793a9e40a05f978b8b4faf7c01b5f83a4
SHA256

17ec52a9f20256c5614fd998a809b14446c9bfb88996e6c99c475b01dcb40f99
SHA512

da471f7a2e50e3d7cb4ed9c68ed344feeea45e277d33c7a189a44f9d2df4360e78bab413f4f9ab20a2dd467bd4755ea55a89db328dae87f3376e0bf0e38e2048
SSDEEP

768:SRZ9Ha5e2iNVJYcRH1lGyy6rX3h+BGgOEQHtlPsd00sPHtYlL3lLm2xt2a7+jHE:SRva5biNVqOH7GmrXIMgO3tlPos/I3lF

Score

1^/10

Malware Config

Signatures

Suspicious behavior: AddClipboardFormatListener 1 IoCs

pid	Process
1988	vlc.exe

Suspicious behavior: GetForegroundWindowSpam 1 IoCs

pid	Process
1988	vlc.exe

Suspicious use of FindShellTrayWindow 64 IoCs

pid	Process
1988	vlc.exe
1988	vlc.exe
1988	vlc.exe
1988	vlc.exe
1988	vlc.exe
1988	vlc.exe
1988	vlc.exe
1988	vlc.exe
1988	vlc.exe
1988	vlc.exe
1988	vlc.exe
1988	vlc.exe
1988	vlc.exe
1988	vlc.exe
1988	vlc.exe
1988	vlc.exe
1988	vlc.exe
1988	vlc.exe
1988	vlc.exe
1988	vlc.exe
1988	vlc.exe
1988	vlc.exe
1988	vlc.exe
1988	vlc.exe
1988	vlc.exe
1988	vlc.exe
1988	vlc.exe
1988	vlc.exe
1988	vlc.exe
1988	vlc.exe
1988	vlc.exe
1988	vlc.exe
1988	vlc.exe
1988	vlc.exe
1988	vlc.exe
1988	vlc.exe
1988	vlc.exe
1988	vlc.exe
1988	vlc.exe
1988	vlc.exe
1988	vlc.exe
1988	vlc.exe
1988	vlc.exe
1988	vlc.exe
1988	vlc.exe
1988	vlc.exe
1988	vlc.exe
1988	vlc.exe
1988	vlc.exe
1988	vlc.exe
1988	vlc.exe
1988	vlc.exe
1988	vlc.exe
1988	vlc.exe
1988	vlc.exe
1988	vlc.exe
1988	vlc.exe
1988	vlc.exe
1988	vlc.exe
1988	vlc.exe
1988	vlc.exe
1988	vlc.exe
1988	vlc.exe
1988	vlc.exe

Suspicious use of SendNotifyMessage 64 IoCs

pid	Process
1988	vlc.exe
1988	vlc.exe
1988	vlc.exe
1988	vlc.exe
1988	vlc.exe
1988	vlc.exe
1988	vlc.exe
1988	vlc.exe
1988	vlc.exe
1988	vlc.exe
1988	vlc.exe
1988	vlc.exe
1988	vlc.exe
1988	vlc.exe
1988	vlc.exe
1988	vlc.exe
1988	vlc.exe
1988	vlc.exe
1988	vlc.exe
1988	vlc.exe
1988	vlc.exe
1988	vlc.exe
1988	vlc.exe
1988	vlc.exe
1988	vlc.exe
1988	vlc.exe
1988	vlc.exe
1988	vlc.exe
1988	vlc.exe
1988	vlc.exe
1988	vlc.exe
1988	vlc.exe
1988	vlc.exe
1988	vlc.exe
1988	vlc.exe
1988	vlc.exe
1988	vlc.exe
1988	vlc.exe
1988	vlc.exe
1988	vlc.exe
1988	vlc.exe
1988	vlc.exe
1988	vlc.exe
1988	vlc.exe
1988	vlc.exe
1988	vlc.exe
1988	vlc.exe
1988	vlc.exe
1988	vlc.exe
1988	vlc.exe
1988	vlc.exe
1988	vlc.exe
1988	vlc.exe
1988	vlc.exe
1988	vlc.exe
1988	vlc.exe
1988	vlc.exe
1988	vlc.exe
1988	vlc.exe
1988	vlc.exe
1988	vlc.exe
1988	vlc.exe
1988	vlc.exe
1988	vlc.exe

Suspicious use of SetWindowsHookEx 1 IoCs

pid	Process
1988	vlc.exe

C:\Program Files\VideoLAN\VLC\vlc.exe
"C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file "C:\Users\Admin\AppData\Local\Temp\WhatsApp Ses 2024-08-04 saat 01.48.47_76a23153.mp3"
1⤵
- Suspicious behavior: AddClipboardFormatListener
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of SetWindowsHookEx
PID:1988

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Roaming\vlc\vlc-qt-interface.ini

Filesize
130B

MD5
989514515d5d6e21a1d4ce226f72e2ff

SHA1
e5f5a768e7ed9aa3b59b28b6db18b110db916cce

SHA256
64248531811dac50cfbff8e9f99989d2e370c46fa6f3f6bbffb9c40e14c25f6b

SHA512
925501c9a8e0ce3a3a7a340b6d531b5564f0441ab5eb5386a370cfa4475bf361ae770317b35a7f7ee4b99e3641d1e8ff9d38299b7e814f18ab8921bf818c0da8

Download Submit
C:\Users\Admin\AppData\Roaming\vlc\vlc-qt-interface.ini.lock

Filesize
18B

MD5
71b7025658bbb88f1ccacee070d9e1c7

SHA1
42c02ba8b9649e3982730257539e216cc3ac65a6

SHA256
a64fd6687dbf08aa09968429e92481ba93941a0113727c50618dc608e170fcf5

SHA512
2793bdeddd3c1e3e6483cf612948d20e90e53ae3ab037c94697bf9a502c012f2de7a2bc18f11a87edf3e047032315afba78ea2743c27af4e3cdd793f36cc06f0

Download Submit
memory/1988-24-0x000007FEF67F0000-0x000007FEF6801000-memory.dmp

Filesize
68KB

Download
memory/1988-25-0x000007FEF67D0000-0x000007FEF67E8000-memory.dmp

Filesize
96KB

Download
memory/1988-9-0x000007FEFACC0000-0x000007FEFACD7000-memory.dmp

Filesize
92KB

Download
memory/1988-11-0x000007FEF7370000-0x000007FEF7387000-memory.dmp

Filesize
92KB

Download
memory/1988-12-0x000007FEF7350000-0x000007FEF7361000-memory.dmp

Filesize
68KB

Download
memory/1988-14-0x000007FEF7310000-0x000007FEF7321000-memory.dmp

Filesize
68KB

Download
memory/1988-7-0x000007FEF5C70000-0x000007FEF5F26000-memory.dmp

Filesize
2.7MB

Download
memory/1988-13-0x000007FEF7330000-0x000007FEF734D000-memory.dmp

Filesize
116KB

Download
memory/1988-15-0x000007FEF5A60000-0x000007FEF5C6B000-memory.dmp

Filesize
2.0MB

Download
memory/1988-20-0x000007FEF7250000-0x000007FEF7261000-memory.dmp

Filesize
68KB

Download
memory/1988-17-0x000007FEF72C0000-0x000007FEF7301000-memory.dmp

Filesize
260KB

Download
memory/1988-21-0x000007FEF6850000-0x000007FEF6861000-memory.dmp

Filesize
68KB

Download
memory/1988-22-0x000007FEF6830000-0x000007FEF6841000-memory.dmp

Filesize
68KB

Download
memory/1988-23-0x000007FEF6810000-0x000007FEF682B000-memory.dmp

Filesize
108KB

Download
memory/1988-19-0x000007FEF7270000-0x000007FEF7288000-memory.dmp

Filesize
96KB

Download
memory/1988-18-0x000007FEF7290000-0x000007FEF72B1000-memory.dmp

Filesize
132KB

Download
memory/1988-10-0x000007FEF7390000-0x000007FEF73A1000-memory.dmp

Filesize
68KB

Download
memory/1988-6-0x000007FEF74E0000-0x000007FEF7514000-memory.dmp

Filesize
208KB

Download
memory/1988-26-0x000007FEF67A0000-0x000007FEF67D0000-memory.dmp

Filesize
192KB

Download
memory/1988-27-0x000007FEF6730000-0x000007FEF6797000-memory.dmp

Filesize
412KB

Download
memory/1988-30-0x000007FEF61C0000-0x000007FEF61D8000-memory.dmp

Filesize
96KB

Download
memory/1988-32-0x000007FEF4950000-0x000007FEF49A7000-memory.dmp

Filesize
348KB

Download
memory/1988-16-0x000007FEF49B0000-0x000007FEF5A60000-memory.dmp

Filesize
16.7MB

Download
memory/1988-35-0x000007FEF48E0000-0x000007FEF48F1000-memory.dmp

Filesize
68KB

Download
memory/1988-34-0x000007FEF4900000-0x000007FEF4913000-memory.dmp

Filesize
76KB

Download
memory/1988-33-0x000007FEF4920000-0x000007FEF494F000-memory.dmp

Filesize
188KB

Download
memory/1988-31-0x000007FEF61A0000-0x000007FEF61B1000-memory.dmp

Filesize
68KB

Download
memory/1988-29-0x000007FEF6250000-0x000007FEF6261000-memory.dmp

Filesize
68KB

Download
memory/1988-28-0x000007FEF66B0000-0x000007FEF672C000-memory.dmp

Filesize
496KB

Download
memory/1988-36-0x000007FEF4810000-0x000007FEF48D5000-memory.dmp

Filesize
788KB

Download
memory/1988-37-0x000007FEF2B90000-0x000007FEF2BE7000-memory.dmp

Filesize
348KB

Download
memory/1988-38-0x000007FEF2B60000-0x000007FEF2B88000-memory.dmp

Filesize
160KB

Download
memory/1988-46-0x000007FEF5C70000-0x000007FEF5F26000-memory.dmp

Filesize
2.7MB

Download
memory/1988-8-0x000007FEFB120000-0x000007FEFB138000-memory.dmp

Filesize
96KB

Download
memory/1988-5-0x000000013F300000-0x000000013F3F8000-memory.dmp

Filesize
992KB

Download