a3c5117ed4b12ed1a1752fdc2cf01f7f10a5b305e77a1db0dde061c6df45477e

Analysis

max time kernel
861s
max time network
880s
platform
windows7_x64
resource
win7-20241010-en
resource tags

arch:x64arch:x86image:win7-20241010-enlocale:en-usos:windows7-x64system
submitted
05/01/2025, 21:14

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

youtube_gh9lfOdCjAA_audio (2) (4).mp3
Size

579KB
MD5

36e09440b78e3d3eb2030ab6afcb0e61
SHA1

b6fa8f88c98ef55cf5977643b313f27c954fd2ed
SHA256

a3c5117ed4b12ed1a1752fdc2cf01f7f10a5b305e77a1db0dde061c6df45477e
SHA512

dc65a17daa7a8064e8d529f03ee228b292e6a632536d5a34e286df0a7d470eace66cab24717398cf0c125bee2ea48aa29e746648e4c75a4f6113c52eea448872
SSDEEP

12288:OGgmVUJGKsaCMuKloXcmcExRH3FbezoJXK3eRsAr0c2PeJqDG3aydRbMv:O5oMDlGcmcExRH3FbeyXKOdpENqbU

Score

1^/10

Malware Config

Signatures

Suspicious behavior: AddClipboardFormatListener 1 IoCs

pid	Process
2092	vlc.exe

Suspicious behavior: GetForegroundWindowSpam 1 IoCs

pid	Process
2092	vlc.exe

Suspicious use of AdjustPrivilegeToken 2 IoCs

description	pid	Process
Token: 33	2092	vlc.exe
Token: SeIncBasePriorityPrivilege	2092	vlc.exe

Suspicious use of FindShellTrayWindow 9 IoCs

pid	Process
2092	vlc.exe
2092	vlc.exe
2092	vlc.exe
2092	vlc.exe
2092	vlc.exe
2092	vlc.exe
2092	vlc.exe
2092	vlc.exe
2092	vlc.exe

Suspicious use of SendNotifyMessage 8 IoCs

pid	Process
2092	vlc.exe
2092	vlc.exe
2092	vlc.exe
2092	vlc.exe
2092	vlc.exe
2092	vlc.exe
2092	vlc.exe
2092	vlc.exe

Suspicious use of SetWindowsHookEx 1 IoCs

pid	Process
2092	vlc.exe

C:\Program Files\VideoLAN\VLC\vlc.exe
"C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file "C:\Users\Admin\AppData\Local\Temp\youtube_gh9lfOdCjAA_audio (2) (4).mp3"
1⤵
- Suspicious behavior: AddClipboardFormatListener
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of SetWindowsHookEx
PID:2092

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/2092-6-0x000007FEFB5C0000-0x000007FEFB5F4000-memory.dmp

Filesize
208KB

Download
memory/2092-5-0x000000013F0A0000-0x000000013F198000-memory.dmp

Filesize
992KB

Download
memory/2092-9-0x000007FEFB5A0000-0x000007FEFB5B7000-memory.dmp

Filesize
92KB

Download
memory/2092-10-0x000007FEFB580000-0x000007FEFB591000-memory.dmp

Filesize
68KB

Download
memory/2092-12-0x000007FEFB540000-0x000007FEFB551000-memory.dmp

Filesize
68KB

Download
memory/2092-13-0x000007FEFB330000-0x000007FEFB34D000-memory.dmp

Filesize
116KB

Download
memory/2092-14-0x000007FEFB310000-0x000007FEFB321000-memory.dmp

Filesize
68KB

Download
memory/2092-11-0x000007FEFB560000-0x000007FEFB577000-memory.dmp

Filesize
92KB

Download
memory/2092-8-0x000007FEFB7C0000-0x000007FEFB7D8000-memory.dmp

Filesize
96KB

Download
memory/2092-7-0x000007FEF7F90000-0x000007FEF8246000-memory.dmp

Filesize
2.7MB

Download
memory/2092-15-0x000007FEF6740000-0x000007FEF694B000-memory.dmp

Filesize
2.0MB

Download
memory/2092-17-0x000007FEFB2C0000-0x000007FEFB301000-memory.dmp

Filesize
260KB

Download
memory/2092-21-0x000007FEF70B0000-0x000007FEF70C1000-memory.dmp

Filesize
68KB

Download
memory/2092-24-0x000007FEF7050000-0x000007FEF7061000-memory.dmp

Filesize
68KB

Download
memory/2092-26-0x000007FEF7000000-0x000007FEF7030000-memory.dmp

Filesize
192KB

Download
memory/2092-25-0x000007FEF7030000-0x000007FEF7048000-memory.dmp

Filesize
96KB

Download
memory/2092-31-0x000007FEF5630000-0x000007FEF5641000-memory.dmp

Filesize
68KB

Download
memory/2092-32-0x000007FEF55D0000-0x000007FEF5627000-memory.dmp

Filesize
348KB

Download
memory/2092-33-0x000007FEF55A0000-0x000007FEF55CF000-memory.dmp

Filesize
188KB

Download
memory/2092-30-0x000007FEF5650000-0x000007FEF5668000-memory.dmp

Filesize
96KB

Download
memory/2092-16-0x000007FEF5690000-0x000007FEF6740000-memory.dmp

Filesize
16.7MB

Download
memory/2092-40-0x000007FEF37E0000-0x000007FEF3808000-memory.dmp

Filesize
160KB

Download
memory/2092-42-0x000007FEF35E0000-0x000007FEF35F2000-memory.dmp

Filesize
72KB

Download
memory/2092-41-0x000007FEF3600000-0x000007FEF3611000-memory.dmp

Filesize
68KB

Download
memory/2092-39-0x000007FEF3810000-0x000007FEF3867000-memory.dmp

Filesize
348KB

Download
memory/2092-38-0x000007FEF5450000-0x000007FEF5461000-memory.dmp

Filesize
68KB

Download
memory/2092-37-0x000007FEF5470000-0x000007FEF5483000-memory.dmp

Filesize
76KB

Download
memory/2092-36-0x000007FEF5490000-0x000007FEF5555000-memory.dmp

Filesize
788KB

Download
memory/2092-35-0x000007FEF5560000-0x000007FEF5571000-memory.dmp

Filesize
68KB

Download
memory/2092-34-0x000007FEF5580000-0x000007FEF5593000-memory.dmp

Filesize
76KB

Download
memory/2092-29-0x000007FEF5670000-0x000007FEF5681000-memory.dmp

Filesize
68KB

Download
memory/2092-28-0x000007FEF6F10000-0x000007FEF6F8C000-memory.dmp

Filesize
496KB

Download
memory/2092-27-0x000007FEF6F90000-0x000007FEF6FF7000-memory.dmp

Filesize
412KB

Download
memory/2092-23-0x000007FEF7070000-0x000007FEF708B000-memory.dmp

Filesize
108KB

Download
memory/2092-22-0x000007FEF7090000-0x000007FEF70A1000-memory.dmp

Filesize
68KB

Download
memory/2092-20-0x000007FEF7F70000-0x000007FEF7F81000-memory.dmp

Filesize
68KB

Download
memory/2092-19-0x000007FEFB270000-0x000007FEFB288000-memory.dmp

Filesize
96KB

Download
memory/2092-18-0x000007FEFB290000-0x000007FEFB2B1000-memory.dmp

Filesize
132KB

Download
memory/2092-43-0x000007FEF3460000-0x000007FEF35DA000-memory.dmp

Filesize
1.5MB

Download