0ebd6262c1467b03392c988e3af08c67821661040997d442299fc37fd633dbc5

Resubmissions

12/09/2024, 20:50

240912-zmmtkstfkj 3

12/09/2024, 20:47

240912-zlcxzsthne 6

Analysis

max time kernel
140s
max time network
123s
platform
windows7_x64
resource
win7-20240903-en
resource tags

arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
submitted
12/09/2024, 20:47

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

angrybirdsmaker0.4.2.1-dist/angrybirdsmaker0.4.2.1-dist/ABM_0.4.2.1_ASDK_.compiled/data_sdk/audio/cypigs/bomb_2009_flying.wav
Size

106KB
MD5

4a252310fc18485bb3e0ad02ecaa1d71
SHA1

d84150f90ea33250ab6c3e95a1b2443cd6385d38
SHA256

e991b5d7b8d15a0f89b2233ee68ad66872b68ec2d43b56e2ee73aad906b25d79
SHA512

21782e0dd6c7e8d963d320cdc05a19757f7dbe872831cd7ee6092defc31f267c8aea6465badf1803ad31ab22de360eee036d5274a9893446e763115d9f58ef8a
SSDEEP

1536:SjMRS15SxXyJmADn6Z9UPQtQITmMCubJA1Vp1vUC7/RlNqMxr9eFF+TqLHUN2eLw:wIW5QycfmKQwmMbbWVphfZOj6qLGYoS

Score

1^/10

Malware Config

Signatures

Suspicious behavior: AddClipboardFormatListener 1 IoCs

pid	Process
2872	vlc.exe

Suspicious behavior: GetForegroundWindowSpam 1 IoCs

pid	Process
2872	vlc.exe

Suspicious use of AdjustPrivilegeToken 2 IoCs

description	pid	Process
Token: 33	2872	vlc.exe
Token: SeIncBasePriorityPrivilege	2872	vlc.exe

Suspicious use of FindShellTrayWindow 9 IoCs

pid	Process
2872	vlc.exe
2872	vlc.exe
2872	vlc.exe
2872	vlc.exe
2872	vlc.exe
2872	vlc.exe
2872	vlc.exe
2872	vlc.exe
2872	vlc.exe

Suspicious use of SendNotifyMessage 8 IoCs

pid	Process
2872	vlc.exe
2872	vlc.exe
2872	vlc.exe
2872	vlc.exe
2872	vlc.exe
2872	vlc.exe
2872	vlc.exe
2872	vlc.exe

Suspicious use of SetWindowsHookEx 1 IoCs

pid	Process
2872	vlc.exe

C:\Program Files\VideoLAN\VLC\vlc.exe
"C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file "C:\Users\Admin\AppData\Local\Temp\angrybirdsmaker0.4.2.1-dist\angrybirdsmaker0.4.2.1-dist\ABM_0.4.2.1_ASDK_.compiled\data_sdk\audio\cypigs\bomb_2009_flying.wav"
1⤵
- Suspicious behavior: AddClipboardFormatListener
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of SetWindowsHookEx
PID:2872

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/2872-6-0x000007FEF7370000-0x000007FEF73A4000-memory.dmp

Filesize
208KB

Download
memory/2872-5-0x000000013F970000-0x000000013FA68000-memory.dmp

Filesize
992KB

Download
memory/2872-10-0x000007FEF6570000-0x000007FEF6581000-memory.dmp

Filesize
68KB

Download
memory/2872-9-0x000007FEF6590000-0x000007FEF65A7000-memory.dmp

Filesize
92KB

Download
memory/2872-8-0x000007FEFB030000-0x000007FEFB048000-memory.dmp

Filesize
96KB

Download
memory/2872-11-0x000007FEF6550000-0x000007FEF6567000-memory.dmp

Filesize
92KB

Download
memory/2872-12-0x000007FEF6530000-0x000007FEF6541000-memory.dmp

Filesize
68KB

Download
memory/2872-13-0x000007FEF6080000-0x000007FEF609D000-memory.dmp

Filesize
116KB

Download
memory/2872-14-0x000007FEF6060000-0x000007FEF6071000-memory.dmp

Filesize
68KB

Download
memory/2872-7-0x000007FEF70B0000-0x000007FEF7366000-memory.dmp

Filesize
2.7MB

Download
memory/2872-16-0x000007FEF5D80000-0x000007FEF5DC1000-memory.dmp

Filesize
260KB

Download
memory/2872-15-0x000007FEF5740000-0x000007FEF594B000-memory.dmp

Filesize
2.0MB

Download
memory/2872-18-0x000007FEF6030000-0x000007FEF6051000-memory.dmp

Filesize
132KB

Download
memory/2872-20-0x000007FEF5D60000-0x000007FEF5D71000-memory.dmp

Filesize
68KB

Download
memory/2872-19-0x000007FEF5E40000-0x000007FEF5E58000-memory.dmp

Filesize
96KB

Download
memory/2872-22-0x000007FEF5D20000-0x000007FEF5D31000-memory.dmp

Filesize
68KB

Download
memory/2872-26-0x000007FEF4660000-0x000007FEF4690000-memory.dmp

Filesize
192KB

Download
memory/2872-25-0x000007FEF5CC0000-0x000007FEF5CD8000-memory.dmp

Filesize
96KB

Download
memory/2872-24-0x000007FEF5CE0000-0x000007FEF5CF1000-memory.dmp

Filesize
68KB

Download
memory/2872-27-0x000007FEF45F0000-0x000007FEF4657000-memory.dmp

Filesize
412KB

Download
memory/2872-28-0x000007FEF4570000-0x000007FEF45EC000-memory.dmp

Filesize
496KB

Download
memory/2872-33-0x000007FEF4470000-0x000007FEF4488000-memory.dmp

Filesize
96KB

Download
memory/2872-32-0x000007FEF4490000-0x000007FEF44B4000-memory.dmp

Filesize
144KB

Download
memory/2872-31-0x000007FEF44C0000-0x000007FEF44E8000-memory.dmp

Filesize
160KB

Download
memory/2872-30-0x000007FEF44F0000-0x000007FEF4547000-memory.dmp

Filesize
348KB

Download
memory/2872-37-0x000007FEFA2C0000-0x000007FEFA2D0000-memory.dmp

Filesize
64KB

Download
memory/2872-43-0x000007FEF4120000-0x000007FEF4132000-memory.dmp

Filesize
72KB

Download
memory/2872-42-0x000007FEF4140000-0x000007FEF4151000-memory.dmp

Filesize
68KB

Download
memory/2872-41-0x000007FEF4180000-0x000007FEF4195000-memory.dmp

Filesize
84KB

Download
memory/2872-50-0x000007FEF3EE0000-0x000007FEF3EF6000-memory.dmp

Filesize
88KB

Download
memory/2872-49-0x000007FEF3F00000-0x000007FEF3F11000-memory.dmp

Filesize
68KB

Download
memory/2872-48-0x000007FEF3F20000-0x000007FEF3F31000-memory.dmp

Filesize
68KB

Download
memory/2872-47-0x000007FEF3F40000-0x000007FEF3F51000-memory.dmp

Filesize
68KB

Download
memory/2872-46-0x000007FEF3F60000-0x000007FEF3F74000-memory.dmp

Filesize
80KB

Download
memory/2872-45-0x000007FEF3F80000-0x000007FEF3F93000-memory.dmp

Filesize
76KB

Download
memory/2872-44-0x000007FEF3FA0000-0x000007FEF411A000-memory.dmp

Filesize
1.5MB

Download
memory/2872-40-0x000007FEF41A0000-0x000007FEF41B6000-memory.dmp

Filesize
88KB

Download
memory/2872-39-0x000007FEF41C0000-0x000007FEF41D1000-memory.dmp

Filesize
68KB

Download
memory/2872-38-0x000007FEF41E0000-0x000007FEF420F000-memory.dmp

Filesize
188KB

Download
memory/2872-36-0x000007FEF4400000-0x000007FEF4412000-memory.dmp

Filesize
72KB

Download
memory/2872-35-0x000007FEF4420000-0x000007FEF4431000-memory.dmp

Filesize
68KB

Download
memory/2872-34-0x000007FEF4440000-0x000007FEF4463000-memory.dmp

Filesize
140KB

Download
memory/2872-29-0x000007FEF4550000-0x000007FEF4561000-memory.dmp

Filesize
68KB

Download
memory/2872-17-0x000007FEF4690000-0x000007FEF5740000-memory.dmp

Filesize
16.7MB

Download
memory/2872-23-0x000007FEF5D00000-0x000007FEF5D1B000-memory.dmp

Filesize
108KB

Download
memory/2872-21-0x000007FEF5D40000-0x000007FEF5D51000-memory.dmp

Filesize
68KB

Download