ff71b36432b0bb66ec444b9b01ae2da07833a7138abfe5b7afc8cbb46dddaae3

Analysis

max time kernel
141s
max time network
129s
platform
windows7_x64
resource
win7-20240903-en
resource tags

arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
submitted
04/10/2024, 19:00

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

[SPOTIFY-DOWNLOADER.COM] Carry On.mp3
Size

3.6MB
MD5

a7cbc5e4b6a42625e0ffbef6106d984b
SHA1

fcef00c83ede1df437c511fc6d2ee047ca69cf33
SHA256

7ef348d574aefce2185e384d035d86b3a930df2736947529141a5dec63e78fb7
SHA512

fcfba6c50d0c2531cb0ccd90c26506430a546764e8f69557b7ced8a16c38a2d0ee574be74dcdaa19531a3ba73578e365f7b2148e1dd7eac59fe18b82a8981a3a
SSDEEP

98304:LIf/i2O3HrDuUZnCDT4ZY5u1ebaRPcIHNhwzV+Vp/ziRBiLq:LIfKRHrC8CPiYs15USywtiRBiLq

Score

1^/10

Malware Config

Signatures

Suspicious behavior: AddClipboardFormatListener 1 IoCs

pid	Process
2532	vlc.exe

Suspicious behavior: GetForegroundWindowSpam 1 IoCs

pid	Process
2532	vlc.exe

Suspicious use of AdjustPrivilegeToken 2 IoCs

description	pid	Process
Token: 33	2532	vlc.exe
Token: SeIncBasePriorityPrivilege	2532	vlc.exe

Suspicious use of FindShellTrayWindow 6 IoCs

pid	Process
2532	vlc.exe
2532	vlc.exe
2532	vlc.exe
2532	vlc.exe
2532	vlc.exe
2532	vlc.exe

Suspicious use of SendNotifyMessage 5 IoCs

pid	Process
2532	vlc.exe
2532	vlc.exe
2532	vlc.exe
2532	vlc.exe
2532	vlc.exe

Suspicious use of SetWindowsHookEx 1 IoCs

pid	Process
2532	vlc.exe

C:\Program Files\VideoLAN\VLC\vlc.exe
"C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file "C:\Users\Admin\AppData\Local\Temp\[SPOTIFY-DOWNLOADER.COM] Carry On.mp3"
1⤵
- Suspicious behavior: AddClipboardFormatListener
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of SetWindowsHookEx
PID:2532

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/2532-8-0x000007FEF8560000-0x000007FEF8594000-memory.dmp

Filesize
208KB

Download
memory/2532-7-0x000000013F5B0000-0x000000013F6A8000-memory.dmp

Filesize
992KB

Download
memory/2532-12-0x000007FEF8540000-0x000007FEF8551000-memory.dmp

Filesize
68KB

Download
memory/2532-16-0x000007FEF79C0000-0x000007FEF79D1000-memory.dmp

Filesize
68KB

Download
memory/2532-15-0x000007FEF79E0000-0x000007FEF79FD000-memory.dmp

Filesize
116KB

Download
memory/2532-14-0x000007FEF7A00000-0x000007FEF7A11000-memory.dmp

Filesize
68KB

Download
memory/2532-13-0x000007FEF7A20000-0x000007FEF7A37000-memory.dmp

Filesize
92KB

Download
memory/2532-9-0x000007FEF6D70000-0x000007FEF7026000-memory.dmp

Filesize
2.7MB

Download
memory/2532-11-0x000007FEFB020000-0x000007FEFB037000-memory.dmp

Filesize
92KB

Download
memory/2532-10-0x000007FEFC070000-0x000007FEFC088000-memory.dmp

Filesize
96KB

Download
memory/2532-39-0x000007FEF3B80000-0x000007FEF3BD7000-memory.dmp

Filesize
348KB

Download
memory/2532-40-0x000007FEF3B50000-0x000007FEF3B78000-memory.dmp

Filesize
160KB

Download
memory/2532-43-0x000007FEF3950000-0x000007FEF3962000-memory.dmp

Filesize
72KB

Download
memory/2532-42-0x000007FEF3990000-0x000007FEF39A1000-memory.dmp

Filesize
68KB

Download
memory/2532-41-0x000007FEF39B0000-0x000007FEF39C5000-memory.dmp

Filesize
84KB

Download
memory/2532-17-0x000007FEF5CC0000-0x000007FEF6D70000-memory.dmp

Filesize
16.7MB

Download
memory/2532-38-0x000007FEF57E0000-0x000007FEF58A5000-memory.dmp

Filesize
788KB

Download
memory/2532-37-0x000007FEF58B0000-0x000007FEF58C1000-memory.dmp

Filesize
68KB

Download
memory/2532-44-0x000007FEF37D0000-0x000007FEF394A000-memory.dmp

Filesize
1.5MB

Download
memory/2532-36-0x000007FEF58D0000-0x000007FEF58E3000-memory.dmp

Filesize
76KB

Download
memory/2532-35-0x000007FEF58F0000-0x000007FEF591F000-memory.dmp

Filesize
188KB

Download
memory/2532-34-0x000007FEF5920000-0x000007FEF5977000-memory.dmp

Filesize
348KB

Download
memory/2532-33-0x000007FEF5980000-0x000007FEF5991000-memory.dmp

Filesize
68KB

Download
memory/2532-32-0x000007FEF59A0000-0x000007FEF59B8000-memory.dmp

Filesize
96KB

Download
memory/2532-31-0x000007FEF73A0000-0x000007FEF73B1000-memory.dmp

Filesize
68KB

Download
memory/2532-30-0x000007FEF59C0000-0x000007FEF5A3C000-memory.dmp

Filesize
496KB

Download
memory/2532-29-0x000007FEF5A40000-0x000007FEF5AA7000-memory.dmp

Filesize
412KB

Download
memory/2532-28-0x000007FEF73C0000-0x000007FEF73F0000-memory.dmp

Filesize
192KB

Download
memory/2532-27-0x000007FEF73F0000-0x000007FEF7408000-memory.dmp

Filesize
96KB

Download
memory/2532-26-0x000007FEF7410000-0x000007FEF7421000-memory.dmp

Filesize
68KB

Download
memory/2532-25-0x000007FEF7430000-0x000007FEF744B000-memory.dmp

Filesize
108KB

Download
memory/2532-24-0x000007FEF7450000-0x000007FEF7461000-memory.dmp

Filesize
68KB

Download
memory/2532-23-0x000007FEF7470000-0x000007FEF7481000-memory.dmp

Filesize
68KB

Download
memory/2532-22-0x000007FEF7490000-0x000007FEF74A1000-memory.dmp

Filesize
68KB

Download
memory/2532-21-0x000007FEF74B0000-0x000007FEF74C8000-memory.dmp

Filesize
96KB

Download
memory/2532-20-0x000007FEF74D0000-0x000007FEF74F1000-memory.dmp

Filesize
132KB

Download
memory/2532-19-0x000007FEF7500000-0x000007FEF7541000-memory.dmp

Filesize
260KB

Download
memory/2532-18-0x000007FEF5AB0000-0x000007FEF5CBB000-memory.dmp

Filesize
2.0MB

Download
memory/2532-47-0x000007FEF6D70000-0x000007FEF7026000-memory.dmp

Filesize
2.7MB

Download