4db65b59e92f19e54d336a19427230ec568cd8b26ea4601daa0681669ac3bc14

Analysis

max time kernel
141s
max time network
136s
platform
windows7_x64
resource
win7-20241010-en
resource tags

arch:x64arch:x86image:win7-20241010-enlocale:en-usos:windows7-x64system
submitted
14/10/2024, 17:32 UTC

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

Re-Logic - Terraria Soundtrack - 11 Boss 2.mp3
Size

5.0MB
MD5

b2d0418f8d7b088cfbe23fa028367918
SHA1

02e4a8daa37aaa1a99c86583249c8d6e542e0900
SHA256

61fa7f177d998e47fe9869d48c243d119ae3f670dac4ae5224e78b7fef8d6752
SHA512

4600a1804f7a04b655d50dddafe4f801546db23a4302d388a56ffb60e4e11fcf37bbba521e06cdd91ef9c29769f5493dbf3efffd2e64a50cf892e57d41fe7c30
SSDEEP

98304:ELBYMZ24MDaVCLVJXgkf3c4lDfP7sbfes0hExFKsTIzy39Jjc4jdroS3bxACy//:ELBYDa+V+u3HrQisK6Ks+y33c6dOr/

Score

1^/10

Malware Config

Signatures

Suspicious behavior: AddClipboardFormatListener 1 IoCs

pid	Process
3012	vlc.exe

Suspicious behavior: GetForegroundWindowSpam 1 IoCs

pid	Process
3012	vlc.exe

Suspicious use of AdjustPrivilegeToken 2 IoCs

description	pid	Process
Token: 33	3012	vlc.exe
Token: SeIncBasePriorityPrivilege	3012	vlc.exe

Suspicious use of FindShellTrayWindow 9 IoCs

pid	Process
3012	vlc.exe
3012	vlc.exe
3012	vlc.exe
3012	vlc.exe
3012	vlc.exe
3012	vlc.exe
3012	vlc.exe
3012	vlc.exe
3012	vlc.exe

Suspicious use of SendNotifyMessage 8 IoCs

pid	Process
3012	vlc.exe
3012	vlc.exe
3012	vlc.exe
3012	vlc.exe
3012	vlc.exe
3012	vlc.exe
3012	vlc.exe
3012	vlc.exe

Suspicious use of SetWindowsHookEx 1 IoCs

pid	Process
3012	vlc.exe

C:\Program Files\VideoLAN\VLC\vlc.exe
"C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file "C:\Users\Admin\AppData\Local\Temp\Re-Logic - Terraria Soundtrack - 11 Boss 2.mp3"
1⤵
- Suspicious behavior: AddClipboardFormatListener
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of SetWindowsHookEx
PID:3012

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Roaming\vlc\art\artistalbum\Scott Lloyd Shelly\Terraria Soundtrack\art.jpg

Filesize
414KB

MD5
d36d0f0ccdd56794660db7e980f37c0a

SHA1
3424120c5ef52f299f1054a762959ed39b3792fb

SHA256
2ebc4de6977dba34225370df23c3999e5c9a7f0d081582ec0185c280ce419373

SHA512
0730be74267665b1d4bad6196d70195611cdf61ec1412d90c6a3c5f7da3fa3101e618ae7d40b3c9d8869ab4559c4527a31208f70c40797a21710e953ab7b05b7

Download Submit
memory/3012-38-0x000007FEFB970000-0x000007FEFB9A4000-memory.dmp

Filesize
208KB

Download
memory/3012-37-0x000000013FFD0000-0x00000001400C8000-memory.dmp

Filesize
992KB

Download
memory/3012-40-0x000007FEFBED0000-0x000007FEFBEE8000-memory.dmp

Filesize
96KB

Download
memory/3012-43-0x000007FEFB910000-0x000007FEFB927000-memory.dmp

Filesize
92KB

Download
memory/3012-42-0x000007FEFB930000-0x000007FEFB941000-memory.dmp

Filesize
68KB

Download
memory/3012-41-0x000007FEFB950000-0x000007FEFB967000-memory.dmp

Filesize
92KB

Download
memory/3012-46-0x000007FEFB8B0000-0x000007FEFB8C1000-memory.dmp

Filesize
68KB

Download
memory/3012-39-0x000007FEF7E90000-0x000007FEF8146000-memory.dmp

Filesize
2.7MB

Download
memory/3012-45-0x000007FEFB8D0000-0x000007FEFB8ED000-memory.dmp

Filesize
116KB

Download
memory/3012-44-0x000007FEFB8F0000-0x000007FEFB901000-memory.dmp

Filesize
68KB

Download
memory/3012-48-0x000007FEF5B30000-0x000007FEF5D3B000-memory.dmp

Filesize
2.0MB

Download
memory/3012-50-0x000007FEF7E60000-0x000007FEF7E81000-memory.dmp

Filesize
132KB

Download
memory/3012-51-0x000007FEF7330000-0x000007FEF7348000-memory.dmp

Filesize
96KB

Download
memory/3012-64-0x000007FEF58F0000-0x000007FEF5947000-memory.dmp

Filesize
348KB

Download
memory/3012-60-0x000007FEF59B0000-0x000007FEF5A2C000-memory.dmp

Filesize
496KB

Download
memory/3012-63-0x000007FEF5950000-0x000007FEF5961000-memory.dmp

Filesize
68KB

Download
memory/3012-62-0x000007FEF5970000-0x000007FEF5988000-memory.dmp

Filesize
96KB

Download
memory/3012-61-0x000007FEF5990000-0x000007FEF59A1000-memory.dmp

Filesize
68KB

Download
memory/3012-65-0x000007FEF58C0000-0x000007FEF58EF000-memory.dmp

Filesize
188KB

Download
memory/3012-59-0x000007FEF5A30000-0x000007FEF5A97000-memory.dmp

Filesize
412KB

Download
memory/3012-49-0x000007FEFB860000-0x000007FEFB8A1000-memory.dmp

Filesize
260KB

Download
memory/3012-58-0x000007FEF5AA0000-0x000007FEF5AD0000-memory.dmp

Filesize
192KB

Download
memory/3012-57-0x000007FEF5AD0000-0x000007FEF5AE8000-memory.dmp

Filesize
96KB

Download
memory/3012-56-0x000007FEF5AF0000-0x000007FEF5B01000-memory.dmp

Filesize
68KB

Download
memory/3012-55-0x000007FEF5B10000-0x000007FEF5B2B000-memory.dmp

Filesize
108KB

Download
memory/3012-54-0x000007FEF72D0000-0x000007FEF72E1000-memory.dmp

Filesize
68KB

Download
memory/3012-53-0x000007FEF72F0000-0x000007FEF7301000-memory.dmp

Filesize
68KB

Download
memory/3012-52-0x000007FEF7310000-0x000007FEF7321000-memory.dmp

Filesize
68KB

Download
memory/3012-47-0x000007FEF5D40000-0x000007FEF6DF0000-memory.dmp

Filesize
16.7MB

Download
memory/3012-75-0x000007FEF3920000-0x000007FEF3932000-memory.dmp

Filesize
72KB

Download
memory/3012-74-0x000007FEF3940000-0x000007FEF3951000-memory.dmp

Filesize
68KB

Download
memory/3012-73-0x000007FEF39A0000-0x000007FEF3A0D000-memory.dmp

Filesize
436KB

Download
memory/3012-76-0x000007FEF37A0000-0x000007FEF391A000-memory.dmp

Filesize
1.5MB

Download
memory/3012-72-0x000007FEF3B20000-0x000007FEF3B48000-memory.dmp

Filesize
160KB

Download
memory/3012-71-0x000007FEF3B50000-0x000007FEF3BA7000-memory.dmp

Filesize
348KB

Download
memory/3012-70-0x000007FEF5770000-0x000007FEF5781000-memory.dmp

Filesize
68KB

Download
memory/3012-69-0x000007FEF5790000-0x000007FEF57A3000-memory.dmp

Filesize
76KB

Download
memory/3012-68-0x000007FEF57B0000-0x000007FEF5875000-memory.dmp

Filesize
788KB

Download
memory/3012-67-0x000007FEF5880000-0x000007FEF5891000-memory.dmp

Filesize
68KB

Download
memory/3012-66-0x000007FEF58A0000-0x000007FEF58B3000-memory.dmp

Filesize
76KB

Download