Overview

overview

6

Static

static

1

v15044gf00...g0.mov

windows7-x64

1

v15044gf00...g0.mov

windows10-2004-x64

6

Analysis

  • max time kernel
    1440s
  • max time network
    1446s
  • platform
    windows7_x64
  • resource
    win7-20240704-en
  • resource tags

    arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
  • submitted
    24/08/2024, 17:54

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    v15044gf0000cqrtvpfog65l2sj3pgg0.mov

  • Size

    1.1MB

  • MD5

    443abf91a454f66df2dfee1aaf1c346f

  • SHA1

    3c3d06de55f4aeaca301c1e020c19495ad52b4c3

  • SHA256

    097a484ad62efccf004d14f57bb74f7fdab1bc478541ba5b85bed6d9873b0376

  • SHA512

    b1f4e3c8cb1851868ff9c00c79d5f0a1879aac3f85875d72bba60fd3c4000b20b6292c06f1ce4c96c9203d37675529de8a48677130dda83b1f763b19c126c90a

  • SSDEEP

    24576:v2Yug2WNuHyuN6aq4pBGwaoceqEnKkot6c:JugeHl0aq4reB3Enw

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: AddClipboardFormatListener 1 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of AdjustPrivilegeToken 6 IoCs
  • Suspicious use of FindShellTrayWindow 35 IoCs
  • Suspicious use of SendNotifyMessage 9 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Program Files\VideoLAN\VLC\vlc.exe
    "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file "C:\Users\Admin\AppData\Local\Temp\v15044gf0000cqrtvpfog65l2sj3pgg0.mov"
    1⤵
    • Suspicious behavior: AddClipboardFormatListener
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    • Suspicious use of SetWindowsHookEx
    PID:2240
  • C:\Windows\system32\AUDIODG.EXE
    C:\Windows\system32\AUDIODG.EXE 0x520
    1⤵
    • Suspicious use of AdjustPrivilegeToken
    PID:2868

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/2240-17-0x000000013FAB0000-0x000000013FBA8000-memory.dmp

    Filesize

    992KB

    Download

  • memory/2240-18-0x000007FEFAB90000-0x000007FEFABC4000-memory.dmp

    Filesize

    208KB

    Download

  • memory/2240-19-0x000007FEF7480000-0x000007FEF7736000-memory.dmp

    Filesize

    2.7MB

    Download

  • memory/2240-20-0x000007FEF4F80000-0x000007FEF6030000-memory.dmp

    Filesize

    16.7MB

    Download