0ebd6262c1467b03392c988e3af08c67821661040997d442299fc37fd633dbc5

Resubmissions

12/09/2024, 20:50

240912-zmmtkstfkj 3

12/09/2024, 20:47

240912-zlcxzsthne 6

Analysis

max time kernel
140s
max time network
129s
platform
windows7_x64
resource
win7-20240903-en
resource tags

arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
submitted
12/09/2024, 20:47

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

angrybirdsmaker0.4.2.1-dist/angrybirdsmaker0.4.2.1-dist/ABM_0.4.2.1_ASDK_.compiled/data_sdk/audio/cypigs/cypig_collision_06.wav
Size

80KB
MD5

931f772e3b6629e2e39d0467c597edca
SHA1

03d19246344cf7db1c562b07560d140fc5a8001c
SHA256

ba54a5fca6d2f0cd02827790afe74394cc5267d2509b88b568e17ea5e5236e3d
SHA512

b85656128e347173fda25a6b86be9b018c0737f06e84f2a6bcfe7ba8e593d028d418b15b2758bd4254474fbc18acd54a817b8233c27c7237de1b8779ca55fcac
SSDEEP

1536:cmamdZy6B6pc6wr8Y5LRq9HjhSr2deXmiVXqFVmkMmfkvJ+cS:6CUpcp8Yq9Z0mCDmfEJXS

Score

1^/10

Malware Config

Signatures

Suspicious behavior: AddClipboardFormatListener 1 IoCs

pid	Process
2056	vlc.exe

Suspicious behavior: GetForegroundWindowSpam 1 IoCs

pid	Process
2056	vlc.exe

Suspicious use of AdjustPrivilegeToken 2 IoCs

description	pid	Process
Token: 33	2056	vlc.exe
Token: SeIncBasePriorityPrivilege	2056	vlc.exe

Suspicious use of FindShellTrayWindow 8 IoCs

pid	Process
2056	vlc.exe
2056	vlc.exe
2056	vlc.exe
2056	vlc.exe
2056	vlc.exe
2056	vlc.exe
2056	vlc.exe
2056	vlc.exe

Suspicious use of SendNotifyMessage 7 IoCs

pid	Process
2056	vlc.exe
2056	vlc.exe
2056	vlc.exe
2056	vlc.exe
2056	vlc.exe
2056	vlc.exe
2056	vlc.exe

Suspicious use of SetWindowsHookEx 1 IoCs

pid	Process
2056	vlc.exe

C:\Program Files\VideoLAN\VLC\vlc.exe
"C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file "C:\Users\Admin\AppData\Local\Temp\angrybirdsmaker0.4.2.1-dist\angrybirdsmaker0.4.2.1-dist\ABM_0.4.2.1_ASDK_.compiled\data_sdk\audio\cypigs\cypig_collision_06.wav"
1⤵
- Suspicious behavior: AddClipboardFormatListener
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of SetWindowsHookEx
PID:2056

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/2056-6-0x000007FEF7450000-0x000007FEF7484000-memory.dmp

Filesize
208KB

Download
memory/2056-5-0x000000013F160000-0x000000013F258000-memory.dmp

Filesize
992KB

Download
memory/2056-8-0x000007FEFBDD0000-0x000007FEFBDE8000-memory.dmp

Filesize
96KB

Download
memory/2056-9-0x000007FEF7E70000-0x000007FEF7E87000-memory.dmp

Filesize
92KB

Download
memory/2056-10-0x000007FEF7300000-0x000007FEF7311000-memory.dmp

Filesize
68KB

Download
memory/2056-11-0x000007FEF72E0000-0x000007FEF72F7000-memory.dmp

Filesize
92KB

Download
memory/2056-7-0x000007FEF66B0000-0x000007FEF6966000-memory.dmp

Filesize
2.7MB

Download
memory/2056-13-0x000007FEF6D10000-0x000007FEF6D2D000-memory.dmp

Filesize
116KB

Download
memory/2056-12-0x000007FEF6D30000-0x000007FEF6D41000-memory.dmp

Filesize
68KB

Download
memory/2056-15-0x000007FEF6CF0000-0x000007FEF6D01000-memory.dmp

Filesize
68KB

Download
memory/2056-18-0x000007FEF6C50000-0x000007FEF6C68000-memory.dmp

Filesize
96KB

Download
memory/2056-17-0x000007FEF6C70000-0x000007FEF6C91000-memory.dmp

Filesize
132KB

Download
memory/2056-16-0x000007FEF6CA0000-0x000007FEF6CE1000-memory.dmp

Filesize
260KB

Download
memory/2056-14-0x000007FEF64A0000-0x000007FEF66AB000-memory.dmp

Filesize
2.0MB

Download
memory/2056-20-0x000007FEF6C30000-0x000007FEF6C41000-memory.dmp

Filesize
68KB

Download
memory/2056-21-0x000007FEF6C10000-0x000007FEF6C21000-memory.dmp

Filesize
68KB

Download
memory/2056-22-0x000007FEF6BF0000-0x000007FEF6C01000-memory.dmp

Filesize
68KB

Download
memory/2056-27-0x000007FEF5310000-0x000007FEF5377000-memory.dmp

Filesize
412KB

Download
memory/2056-26-0x000007FEF5380000-0x000007FEF53B0000-memory.dmp

Filesize
192KB

Download
memory/2056-36-0x000007FEF5120000-0x000007FEF5132000-memory.dmp

Filesize
72KB

Download
memory/2056-35-0x000007FEF5140000-0x000007FEF5151000-memory.dmp

Filesize
68KB

Download
memory/2056-34-0x000007FEF5160000-0x000007FEF5183000-memory.dmp

Filesize
140KB

Download
memory/2056-33-0x000007FEF5190000-0x000007FEF51A8000-memory.dmp

Filesize
96KB

Download
memory/2056-37-0x000007FEF7E60000-0x000007FEF7E70000-memory.dmp

Filesize
64KB

Download
memory/2056-32-0x000007FEF51B0000-0x000007FEF51D4000-memory.dmp

Filesize
144KB

Download
memory/2056-31-0x000007FEF51E0000-0x000007FEF5208000-memory.dmp

Filesize
160KB

Download
memory/2056-43-0x000007FEF4E40000-0x000007FEF4E52000-memory.dmp

Filesize
72KB

Download
memory/2056-42-0x000007FEF4E60000-0x000007FEF4E71000-memory.dmp

Filesize
68KB

Download
memory/2056-41-0x000007FEF4EA0000-0x000007FEF4EB5000-memory.dmp

Filesize
84KB

Download
memory/2056-50-0x000007FEF4C00000-0x000007FEF4C16000-memory.dmp

Filesize
88KB

Download
memory/2056-49-0x000007FEF4C20000-0x000007FEF4C31000-memory.dmp

Filesize
68KB

Download
memory/2056-19-0x000007FEF53F0000-0x000007FEF64A0000-memory.dmp

Filesize
16.7MB

Download
memory/2056-48-0x000007FEF4C40000-0x000007FEF4C51000-memory.dmp

Filesize
68KB

Download
memory/2056-47-0x000007FEF4C60000-0x000007FEF4C71000-memory.dmp

Filesize
68KB

Download
memory/2056-46-0x000007FEF4C80000-0x000007FEF4C94000-memory.dmp

Filesize
80KB

Download
memory/2056-45-0x000007FEF4CA0000-0x000007FEF4CB3000-memory.dmp

Filesize
76KB

Download
memory/2056-44-0x000007FEF4CC0000-0x000007FEF4E3A000-memory.dmp

Filesize
1.5MB

Download
memory/2056-40-0x000007FEF4EC0000-0x000007FEF4ED6000-memory.dmp

Filesize
88KB

Download
memory/2056-39-0x000007FEF4EE0000-0x000007FEF4EF1000-memory.dmp

Filesize
68KB

Download
memory/2056-38-0x000007FEF4F00000-0x000007FEF4F2F000-memory.dmp

Filesize
188KB

Download
memory/2056-30-0x000007FEF5210000-0x000007FEF5267000-memory.dmp

Filesize
348KB

Download
memory/2056-29-0x000007FEF5270000-0x000007FEF5281000-memory.dmp

Filesize
68KB

Download
memory/2056-28-0x000007FEF5290000-0x000007FEF530C000-memory.dmp

Filesize
496KB

Download
memory/2056-25-0x000007FEF53B0000-0x000007FEF53C8000-memory.dmp

Filesize
96KB

Download
memory/2056-24-0x000007FEF53D0000-0x000007FEF53E1000-memory.dmp

Filesize
68KB

Download
memory/2056-23-0x000007FEF6BD0000-0x000007FEF6BEB000-memory.dmp

Filesize
108KB

Download