0ebd6262c1467b03392c988e3af08c67821661040997d442299fc37fd633dbc5

Resubmissions

12/09/2024, 20:50

240912-zmmtkstfkj 3

12/09/2024, 20:47

240912-zlcxzsthne 6

Analysis

max time kernel
147s
max time network
146s
platform
windows7_x64
resource
win7-20240903-en
resource tags

arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
submitted
12/09/2024, 20:47

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

angrybirdsmaker0.4.2.1-dist/angrybirdsmaker0.4.2.1-dist/ABM_0.4.2.1_ASDK_.compiled/data_sdk/audio/cy.wav
Size

148KB
MD5

10aec45603f96b2fce531c367214c482
SHA1

75f6a7c4746b9f8423450f5b93228dc6c8bae7d1
SHA256

8151c6a08ac5474a7ff69dcd52bd390b889cb2176776d802d28b62d22f1ed267
SHA512

99be6f408c153338620724c81d21f53e804c59bf803015bfa36b4d4e329bb36bb5f35c064fe3b2b0958ddc7a9cd3b6259f468177f3b2618fdfb1e65da0a2ad36
SSDEEP

3072:doreoQoNRoOTlZu9AKa/JmZX3ZnWGIhCpw6XMV66efpO/RrrH4shsyIlNB:qeovvrSK/YZXMG8CpzXMRef4J/4XyeNB

Score

1^/10

Malware Config

Signatures

Suspicious behavior: AddClipboardFormatListener 1 IoCs

pid	Process
2960	vlc.exe

Suspicious behavior: GetForegroundWindowSpam 1 IoCs

pid	Process
2960	vlc.exe

Suspicious use of AdjustPrivilegeToken 2 IoCs

description	pid	Process
Token: 33	2960	vlc.exe
Token: SeIncBasePriorityPrivilege	2960	vlc.exe

Suspicious use of FindShellTrayWindow 8 IoCs

pid	Process
2960	vlc.exe
2960	vlc.exe
2960	vlc.exe
2960	vlc.exe
2960	vlc.exe
2960	vlc.exe
2960	vlc.exe
2960	vlc.exe

Suspicious use of SendNotifyMessage 7 IoCs

pid	Process
2960	vlc.exe
2960	vlc.exe
2960	vlc.exe
2960	vlc.exe
2960	vlc.exe
2960	vlc.exe
2960	vlc.exe

Suspicious use of SetWindowsHookEx 1 IoCs

pid	Process
2960	vlc.exe

C:\Program Files\VideoLAN\VLC\vlc.exe
"C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file "C:\Users\Admin\AppData\Local\Temp\angrybirdsmaker0.4.2.1-dist\angrybirdsmaker0.4.2.1-dist\ABM_0.4.2.1_ASDK_.compiled\data_sdk\audio\cy.wav"
1⤵
- Suspicious behavior: AddClipboardFormatListener
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of SetWindowsHookEx
PID:2960

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/2960-6-0x000007FEFB0A0000-0x000007FEFB0D4000-memory.dmp

Filesize
208KB

Download
memory/2960-5-0x000000013FEC0000-0x000000013FFB8000-memory.dmp

Filesize
992KB

Download
memory/2960-8-0x000007FEFB480000-0x000007FEFB498000-memory.dmp

Filesize
96KB

Download
memory/2960-10-0x000007FEFB080000-0x000007FEFB091000-memory.dmp

Filesize
68KB

Download
memory/2960-9-0x000007FEFB0F0000-0x000007FEFB107000-memory.dmp

Filesize
92KB

Download
memory/2960-11-0x000007FEFAFA0000-0x000007FEFAFB7000-memory.dmp

Filesize
92KB

Download
memory/2960-12-0x000007FEFAF80000-0x000007FEFAF91000-memory.dmp

Filesize
68KB

Download
memory/2960-13-0x000007FEFAF60000-0x000007FEFAF7D000-memory.dmp

Filesize
116KB

Download
memory/2960-7-0x000007FEF74C0000-0x000007FEF7776000-memory.dmp

Filesize
2.7MB

Download
memory/2960-15-0x000007FEFAF20000-0x000007FEFAF31000-memory.dmp

Filesize
68KB

Download
memory/2960-14-0x000007FEF5FB0000-0x000007FEF61BB000-memory.dmp

Filesize
2.0MB

Download
memory/2960-16-0x000007FEFAED0000-0x000007FEFAF11000-memory.dmp

Filesize
260KB

Download
memory/2960-17-0x000007FEFAEA0000-0x000007FEFAEC1000-memory.dmp

Filesize
132KB

Download
memory/2960-29-0x000007FEF5E70000-0x000007FEF5E81000-memory.dmp

Filesize
68KB

Download
memory/2960-28-0x000007FEF5E90000-0x000007FEF5F0C000-memory.dmp

Filesize
496KB

Download
memory/2960-45-0x000007FEF4950000-0x000007FEF4962000-memory.dmp

Filesize
72KB

Download
memory/2960-44-0x000007FEF4990000-0x000007FEF49A1000-memory.dmp

Filesize
68KB

Download
memory/2960-43-0x000007FEF49B0000-0x000007FEF49C5000-memory.dmp

Filesize
84KB

Download
memory/2960-42-0x000007FEF5AC0000-0x000007FEF5AD6000-memory.dmp

Filesize
88KB

Download
memory/2960-41-0x000007FEF5AE0000-0x000007FEF5AF1000-memory.dmp

Filesize
68KB

Download
memory/2960-40-0x000007FEF5B00000-0x000007FEF5B2F000-memory.dmp

Filesize
188KB

Download
memory/2960-49-0x000007FEF4770000-0x000007FEF4781000-memory.dmp

Filesize
68KB

Download
memory/2960-48-0x000007FEF4790000-0x000007FEF47A4000-memory.dmp

Filesize
80KB

Download
memory/2960-47-0x000007FEF47B0000-0x000007FEF47C3000-memory.dmp

Filesize
76KB

Download
memory/2960-18-0x000007FEF49D0000-0x000007FEF5A80000-memory.dmp

Filesize
16.7MB

Download
memory/2960-46-0x000007FEF47D0000-0x000007FEF494A000-memory.dmp

Filesize
1.5MB

Download
memory/2960-50-0x000007FEF4750000-0x000007FEF4761000-memory.dmp

Filesize
68KB

Download
memory/2960-39-0x000007FEFB180000-0x000007FEFB190000-memory.dmp

Filesize
64KB

Download
memory/2960-38-0x000007FEF5CD0000-0x000007FEF5CE3000-memory.dmp

Filesize
76KB

Download
memory/2960-37-0x000007FEF5CF0000-0x000007FEF5D11000-memory.dmp

Filesize
132KB

Download
memory/2960-36-0x000007FEF5D20000-0x000007FEF5D32000-memory.dmp

Filesize
72KB

Download
memory/2960-35-0x000007FEF5D40000-0x000007FEF5D51000-memory.dmp

Filesize
68KB

Download
memory/2960-34-0x000007FEF5D60000-0x000007FEF5D83000-memory.dmp

Filesize
140KB

Download
memory/2960-33-0x000007FEF5D90000-0x000007FEF5DA8000-memory.dmp

Filesize
96KB

Download
memory/2960-32-0x000007FEF5DB0000-0x000007FEF5DD4000-memory.dmp

Filesize
144KB

Download
memory/2960-31-0x000007FEF5DE0000-0x000007FEF5E08000-memory.dmp

Filesize
160KB

Download
memory/2960-30-0x000007FEF5E10000-0x000007FEF5E67000-memory.dmp

Filesize
348KB

Download
memory/2960-27-0x000007FEF5F10000-0x000007FEF5F77000-memory.dmp

Filesize
412KB

Download
memory/2960-26-0x000007FEF5F80000-0x000007FEF5FB0000-memory.dmp

Filesize
192KB

Download
memory/2960-25-0x000007FEF6460000-0x000007FEF6478000-memory.dmp

Filesize
96KB

Download
memory/2960-22-0x000007FEF6940000-0x000007FEF6951000-memory.dmp

Filesize
68KB

Download
memory/2960-24-0x000007FEF6900000-0x000007FEF6911000-memory.dmp

Filesize
68KB

Download
memory/2960-20-0x000007FEF7480000-0x000007FEF7491000-memory.dmp

Filesize
68KB

Download
memory/2960-23-0x000007FEF6920000-0x000007FEF693B000-memory.dmp

Filesize
108KB

Download
memory/2960-19-0x000007FEF74A0000-0x000007FEF74B8000-memory.dmp

Filesize
96KB

Download
memory/2960-21-0x000007FEF6960000-0x000007FEF6971000-memory.dmp

Filesize
68KB

Download