Overview

overview

9

Static

static

3

Malware_pack_2.zip

windows10-1703-x64

1

Malware_pa...00.zip

windows10-1703-x64

1

Malware_pa...um.zip

windows10-1703-x64

1

Malware_pa...ug.zip

windows10-1703-x64

3

Malware_pa...le.zip

windows10-1703-x64

1

Malware_pa...on.zip

windows10-1703-x64

1

Malware_pa...us.zip

windows10-1703-x64

1

Malware_pa...rd.zip

windows10-1703-x64

1

Malware_pa...1).zip

windows10-1703-x64

1

MEMZ 3.0/MEMZ.bat

windows10-1703-x64

7

MEMZ 3.0/MEMZ.exe

windows10-1703-x64

7

Malware_pa...eg.zip

windows10-1703-x64

1

Malware_pa...ld.zip

windows10-1703-x64

1

Malware_pa....A.zip

windows10-1703-x64

1

Malware_pa...al.zip

windows10-1703-x64

1

Malware_pa...15.zip

windows10-1703-x64

1

Malware_pa...er.zip

windows10-1703-x64

1

Malware_pa...al.exe

windows10-1703-x64

9

Malware_pa...0r.zip

windows10-1703-x64

1

Malware_pa...ro.zip

windows10-1703-x64

1

Malware_pa...od.zip

windows10-1703-x64

1

Malware_pa...ot.zip

windows10-1703-x64

1

Malware_pa...mb.zip

windows10-1703-x64

1

Analysis

  • max time kernel
    314s
  • max time network
    1579s
  • platform
    windows10-1703_x64
  • resource
    win10-20240404-en
  • resource tags

    arch:x64arch:x86image:win10-20240404-enlocale:en-usos:windows10-1703-x64system
  • submitted
    07-09-2024 17:26

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Malware_pack_2/Antivirus Platinum.zip

  • Size

    699KB

  • MD5

    ff84853a0f564152bd0b98d3fa63e695

  • SHA1

    47d628d279de8a0d47534f93fa5b046bb7f4c991

  • SHA256

    3aaa9e8ea7c213575fd3ac4ec004629b4ede0de06e243f6aad3cf2403e65d3f2

  • SHA512

    9ea41fe0652832e25fe558c6d97e9f9f85ccd8a5f4d00dbcc1525a20a953fbd76efb64d69ce0fdd53c2747159d68fcb4ac0fa340e0253b5401aebc7fb3774feb

  • SSDEEP

    12288:pKAT6gPoHT7CzZy7fmzVyaF3zA0mKz8doC3m/LuXCC32H+REYWzTdjhoMlX1Q4QM:2gPoHT7CtEfwyaFDAjKz8Bm/LYC+3uYi

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: AddClipboardFormatListener 2 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 2 IoCs
  • Suspicious use of FindShellTrayWindow 42 IoCs
  • Suspicious use of SendNotifyMessage 40 IoCs
  • Suspicious use of SetWindowsHookEx 2 IoCs

Processes

  • C:\Windows\Explorer.exe
    C:\Windows\Explorer.exe /idlist,,"C:\Users\Admin\AppData\Local\Temp\Malware_pack_2\Antivirus Platinum.zip"
    1⤵
      PID:1340
    • C:\Program Files\VideoLAN\VLC\vlc.exe
      "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file "C:\Users\Admin\Desktop\SearchInstall.mpg"
      1⤵
      • Suspicious behavior: AddClipboardFormatListener
      • Suspicious behavior: GetForegroundWindowSpam
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of SendNotifyMessage
      • Suspicious use of SetWindowsHookEx
      PID:2536
    • C:\Program Files\VideoLAN\VLC\vlc.exe
      "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file "C:\Users\Admin\Desktop\OpenRevoke.wvx"
      1⤵
      • Suspicious behavior: AddClipboardFormatListener
      • Suspicious behavior: GetForegroundWindowSpam
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of SendNotifyMessage
      • Suspicious use of SetWindowsHookEx
      PID:1500

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • C:\Users\Admin\AppData\Roaming\vlc\ml.xspf
      Filesize

      304B

      MD5

      781602441469750c3219c8c38b515ed4

      SHA1

      e885acd1cbd0b897ebcedbb145bef1c330f80595

      SHA256

      81970dbe581373d14fbd451ac4b3f96e5f69b79645f1ee1ca715cff3af0bf20d

      SHA512

      2b0a1717d96edb47bdf0ffeb250a5ec11f7d0638d3e0a62fbe48c064379b473ca88ffbececb32a72129d06c040b107834f1004ccda5f0f35b8c3588034786461

      Download Submit

    • C:\Users\Admin\AppData\Roaming\vlc\vlc-qt-interface.ini
      Filesize

      533B

      MD5

      b5790010cfefccd11b2bf246a991166f

      SHA1

      b2989b7c87cbb59a7f3ca49e66ee97a14f05f7df

      SHA256

      08deeb2d93f81716d59f76fb835b55c1f4148e44b7147667c54a310e491f0030

      SHA512

      7b8b198aa6676d72d79b01ae984ab4a613e86f269315b6ee861106fa9bd7231f3991a45cf1abaab84712204d81c4ec3d145b6c128e10fac553c361a3b005cb51

      Download Submit

    • C:\Users\Admin\AppData\Roaming\vlc\vlc-qt-interface.ini.em2536
      Filesize

      78B

      MD5

      6a2aca195fb1cc33a03c41d621544d22

      SHA1

      73eb52df4bc5a473a13954a17596a4d3d0b6a7ee

      SHA256

      a65d096b72758601544611612ce28ab2fd9aa78f7f5d596981c344b442fed2b3

      SHA512

      3256fe835b939287b465f0e478e5786500e44d2c5f433a733eaf83546b6e3eca26226edb75e8e1bd2cba9b4abf9889b77602651f8fb5125e0f0dc5b66e60dc87

      Download Submit

    • C:\Users\Admin\AppData\Roaming\vlc\vlc-qt-interface.ini.lock
      Filesize

      18B

      MD5

      aa646ae00c9c350b4541da3daa47d8cc

      SHA1

      e4cfb299900e4498b70bb663a46e7198138a8350

      SHA256

      2f3c44d055a87f431fb7e2f9f06ecdcc4732386835a3cae281d79dde41989566

      SHA512

      3ed295aff89ab4b1d0e4d6a7c00b3d559af131e4255f635602d64700e75bceb33b9a56f2adb70f9ec8cf00ccc84e4c1090c1a889904b71d639e34eea5fd66124

      Download Submit

    • C:\Users\Admin\AppData\Roaming\vlc\vlcrc
      Filesize

      94KB

      MD5

      7b37c4f352a44c8246bf685258f75045

      SHA1

      817dacb245334f10de0297e69c98b4c9470f083e

      SHA256

      ec45f6e952b43eddc214dba703cf7f31398f3c9f535aad37f42237c56b9b778e

      SHA512

      1e8d675b3c6c9ba257b616da268cac7f1c7a9db12ffb831ed5f8d43c0887d711c197ebc9daf735e3da9a0355bf21c2b29a2fb38a46482a2c5c8cd5628fea4c02

      Download Submit

    • memory/1500-60-0x00007FF667C10000-0x00007FF667D08000-memory.dmp

      Filesize

      992KB

      Download

    • memory/1500-61-0x00007FFAB9CD0000-0x00007FFAB9D04000-memory.dmp

      Filesize

      208KB

      Download

    • memory/1500-63-0x00007FFAB2D10000-0x00007FFAB2E1E000-memory.dmp

      Filesize

      1.1MB

      Download

    • memory/1500-62-0x00007FFAB3C80000-0x00007FFAB3F36000-memory.dmp

      Filesize

      2.7MB

      Download

    • memory/2536-43-0x00007FFAA3A40000-0x00007FFAA4AF0000-memory.dmp

      Filesize

      16.7MB

      Download

    • memory/2536-42-0x00007FFAB3EB0000-0x00007FFAB4166000-memory.dmp

      Filesize

      2.7MB

      Download

    • memory/2536-40-0x00007FF667C10000-0x00007FF667D08000-memory.dmp

      Filesize

      992KB

      Download

    • memory/2536-41-0x00007FFAB9CD0000-0x00007FFAB9D04000-memory.dmp

      Filesize

      208KB

      Download