537568f14b7689ec285d979b3c9344bc9b00e34a497b7446964e1831e004975c

Analysis

max time kernel
1491s
max time network
1216s
platform
windows7_x64
resource
win7-20240704-en
resource tags

arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
submitted
24/08/2024, 16:21

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

X2Download.com-комару битбоксит.mp4--online-audio-convert.com.avi
Size

611KB
MD5

143cf0dc64be0c3aa0b43299e3f65b66
SHA1

bbe5f4b9e2f3b5d88c3342eafb342c67527eeca6
SHA256

537568f14b7689ec285d979b3c9344bc9b00e34a497b7446964e1831e004975c
SHA512

ff5245de9fb0641406c2f7b61a10551997201767bcd03171cb3b1df5eb25e0a56224511fa33bcc7fd6d222dccd2ca20d6424bd2dbdaef95b6194bd0f9e678dc4
SSDEEP

12288:PjJIBbBB3ZJolCDZjkmp2I5Rt9WrT6VZRiNrLeZXcy457ewIVRJ47yb:PjJWBB3Z+kDZjRpdnt9eOPRiRelRqejH

Score

1^/10

Malware Config

Signatures

Suspicious behavior: AddClipboardFormatListener 1 IoCs

pid	Process
2560	vlc.exe

Suspicious behavior: GetForegroundWindowSpam 1 IoCs

pid	Process
2560	vlc.exe

Suspicious use of AdjustPrivilegeToken 2 IoCs

description	pid	Process
Token: 33	2560	vlc.exe
Token: SeIncBasePriorityPrivilege	2560	vlc.exe

Suspicious use of FindShellTrayWindow 27 IoCs

pid	Process
2560	vlc.exe
2560	vlc.exe
2560	vlc.exe
2560	vlc.exe
2560	vlc.exe
2560	vlc.exe
2560	vlc.exe
2560	vlc.exe
2560	vlc.exe
2560	vlc.exe
2560	vlc.exe
2560	vlc.exe
2560	vlc.exe
2560	vlc.exe
2560	vlc.exe
2560	vlc.exe
2560	vlc.exe
2560	vlc.exe
2560	vlc.exe
2560	vlc.exe
2560	vlc.exe
2560	vlc.exe
2560	vlc.exe
2560	vlc.exe
2560	vlc.exe
2560	vlc.exe
2560	vlc.exe

Suspicious use of SendNotifyMessage 8 IoCs

pid	Process
2560	vlc.exe
2560	vlc.exe
2560	vlc.exe
2560	vlc.exe
2560	vlc.exe
2560	vlc.exe
2560	vlc.exe
2560	vlc.exe

Suspicious use of SetWindowsHookEx 1 IoCs

pid	Process
2560	vlc.exe

C:\Program Files\VideoLAN\VLC\vlc.exe
"C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file "C:\Users\Admin\AppData\Local\Temp\X2Download.com-комару битбоксит.mp4--online-audio-convert.com.avi"
1⤵
- Suspicious behavior: AddClipboardFormatListener
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of SetWindowsHookEx
PID:2560

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/2560-6-0x000007FEF7330000-0x000007FEF7364000-memory.dmp

Filesize
208KB

Download
memory/2560-5-0x000000013FCE0000-0x000000013FDD8000-memory.dmp

Filesize
992KB

Download
memory/2560-9-0x000007FEFADA0000-0x000007FEFADB7000-memory.dmp

Filesize
92KB

Download
memory/2560-12-0x000007FEF6740000-0x000007FEF6751000-memory.dmp

Filesize
68KB

Download
memory/2560-7-0x000007FEF5B40000-0x000007FEF5DF6000-memory.dmp

Filesize
2.7MB

Download
memory/2560-14-0x000007FEF6320000-0x000007FEF6331000-memory.dmp

Filesize
68KB

Download
memory/2560-13-0x000007FEF6720000-0x000007FEF673D000-memory.dmp

Filesize
116KB

Download
memory/2560-11-0x000007FEF6760000-0x000007FEF6777000-memory.dmp

Filesize
92KB

Download
memory/2560-10-0x000007FEF6780000-0x000007FEF6791000-memory.dmp

Filesize
68KB

Download
memory/2560-8-0x000007FEFB2A0000-0x000007FEFB2B8000-memory.dmp

Filesize
96KB

Download
memory/2560-15-0x000007FEF5930000-0x000007FEF5B3B000-memory.dmp

Filesize
2.0MB

Download
memory/2560-17-0x000007FEF62D0000-0x000007FEF6311000-memory.dmp

Filesize
260KB

Download
memory/2560-19-0x000007FEF6280000-0x000007FEF6298000-memory.dmp

Filesize
96KB

Download
memory/2560-22-0x000007FEF6220000-0x000007FEF6231000-memory.dmp

Filesize
68KB

Download
memory/2560-21-0x000007FEF6240000-0x000007FEF6251000-memory.dmp

Filesize
68KB

Download
memory/2560-20-0x000007FEF6260000-0x000007FEF6271000-memory.dmp

Filesize
68KB

Download
memory/2560-18-0x000007FEF62A0000-0x000007FEF62C1000-memory.dmp

Filesize
132KB

Download
memory/2560-23-0x000007FEF6200000-0x000007FEF621B000-memory.dmp

Filesize
108KB

Download
memory/2560-24-0x000007FEF61E0000-0x000007FEF61F1000-memory.dmp

Filesize
68KB

Download
memory/2560-26-0x000007FEF6190000-0x000007FEF61C0000-memory.dmp

Filesize
192KB

Download
memory/2560-25-0x000007FEF61C0000-0x000007FEF61D8000-memory.dmp

Filesize
96KB

Download
memory/2560-27-0x000007FEF4810000-0x000007FEF4877000-memory.dmp

Filesize
412KB

Download
memory/2560-29-0x000007FEF6170000-0x000007FEF6181000-memory.dmp

Filesize
68KB

Download
memory/2560-28-0x000007FEF4790000-0x000007FEF480C000-memory.dmp

Filesize
496KB

Download
memory/2560-30-0x000007FEF4730000-0x000007FEF4787000-memory.dmp

Filesize
348KB

Download
memory/2560-31-0x000007FEF4700000-0x000007FEF4728000-memory.dmp

Filesize
160KB

Download
memory/2560-32-0x000007FEF4580000-0x000007FEF4700000-memory.dmp

Filesize
1.5MB

Download
memory/2560-33-0x000007FEF4560000-0x000007FEF4577000-memory.dmp

Filesize
92KB

Download
memory/2560-16-0x000007FEF4880000-0x000007FEF5930000-memory.dmp

Filesize
16.7MB

Download
memory/2560-35-0x000007FEF2AE0000-0x000007FEF2CE6000-memory.dmp

Filesize
2.0MB

Download
memory/2560-34-0x000007FEF2CF0000-0x000007FEF455F000-memory.dmp

Filesize
24.4MB

Download
memory/2560-37-0x000007FEF2A70000-0x000007FEF2AB2000-memory.dmp

Filesize
264KB

Download
memory/2560-36-0x000007FEF2AC0000-0x000007FEF2AD2000-memory.dmp

Filesize
72KB

Download
memory/2560-38-0x000007FEF2A20000-0x000007FEF2A6D000-memory.dmp

Filesize
308KB

Download
memory/2560-39-0x000007FEF28B0000-0x000007FEF2A1B000-memory.dmp

Filesize
1.4MB

Download
memory/2560-40-0x000007FEF2850000-0x000007FEF28A7000-memory.dmp

Filesize
348KB

Download
memory/2560-43-0x000007FEF25B0000-0x000007FEF25DF000-memory.dmp

Filesize
188KB

Download
memory/2560-42-0x000007FEF25E0000-0x000007FEF25F1000-memory.dmp

Filesize
68KB

Download
memory/2560-41-0x000007FEF2600000-0x000007FEF2841000-memory.dmp

Filesize
2.3MB

Download
memory/2560-44-0x000007FEF2590000-0x000007FEF25A3000-memory.dmp

Filesize
76KB

Download
memory/2560-45-0x000007FEF2570000-0x000007FEF2581000-memory.dmp

Filesize
68KB

Download
memory/2560-46-0x000007FEF24A0000-0x000007FEF2565000-memory.dmp

Filesize
788KB

Download
memory/2560-47-0x000007FEF2480000-0x000007FEF2493000-memory.dmp

Filesize
76KB

Download
memory/2560-48-0x000007FEF2460000-0x000007FEF2471000-memory.dmp

Filesize
68KB

Download
memory/2560-51-0x000007FEF1E20000-0x000007FEF1E43000-memory.dmp

Filesize
140KB

Download
memory/2560-50-0x000007FEF1E50000-0x000007FEF1E65000-memory.dmp

Filesize
84KB

Download
memory/2560-52-0x000007FEF1E00000-0x000007FEF1E13000-memory.dmp

Filesize
76KB

Download
memory/2560-56-0x000007FEF1880000-0x000007FEF18E1000-memory.dmp

Filesize
388KB

Download
memory/2560-55-0x000007FEF18F0000-0x000007FEF1901000-memory.dmp

Filesize
68KB

Download
memory/2560-57-0x000007FEF1830000-0x000007FEF1877000-memory.dmp

Filesize
284KB

Download
memory/2560-54-0x000007FEF1CB0000-0x000007FEF1CC1000-memory.dmp

Filesize
68KB

Download
memory/2560-53-0x000007FEF1CF0000-0x000007FEF1DF6000-memory.dmp

Filesize
1.0MB

Download
memory/2560-58-0x000007FEF1720000-0x000007FEF1794000-memory.dmp

Filesize
464KB

Download
memory/2560-59-0x000007FEF16D0000-0x000007FEF16E1000-memory.dmp

Filesize
68KB

Download
memory/2560-60-0x000007FEEF530000-0x000007FEEF57E000-memory.dmp

Filesize
312KB

Download
memory/2560-61-0x000007FEEF4D0000-0x000007FEEF527000-memory.dmp

Filesize
348KB

Download
memory/2560-62-0x000007FEEF490000-0x000007FEEF4C4000-memory.dmp

Filesize
208KB

Download
memory/2560-49-0x000007FEF1E70000-0x000007FEF2120000-memory.dmp

Filesize
2.7MB

Download
memory/2560-65-0x000007FEF5B40000-0x000007FEF5DF6000-memory.dmp

Filesize
2.7MB

Download