Overview

overview

5

Static

static

5

AutoClicker-3.1.exe

windows10-2004-x64

3

Resubmissions

06/04/2025, 12:48

250406-p11mgs1my2 5

06/04/2025, 11:12

250406-naz3lazjt2 10

06/04/2025, 11:10

250406-m9sbcsyr15 5

06/04/2025, 10:54

250406-mzvnqswyat 10

06/04/2025, 10:45

250406-mtjpaaypz4 10

06/04/2025, 10:41

250406-mq7xpsypy4 10

06/04/2025, 10:38

250406-mpjtgsypx8 10

06/04/2025, 10:26

250406-mgmv6syps3 10

06/04/2025, 10:19

250406-mcrcssyny6 10

06/04/2025, 10:07

250406-l5tg7awvdv 10

Analysis

  • max time kernel
    86s
  • max time network
    73s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20250314-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20250314-enlocale:en-usos:windows10-2004-x64system
  • submitted
    06/04/2025, 11:10

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    AutoClicker-3.1.exe

  • Size

    860KB

  • MD5

    c208a15591828ac1b1c825f33fd55c8a

  • SHA1

    bea4a247ece1a749d0994fc085fbd2d7c90a21e7

  • SHA256

    a6ee6130d83bbe55e9dacdff2005950d69fc2d3c54e28467b82c148e274d90da

  • SHA512

    b78d8055fc64bac1cdd366cdb339df2e081228bd998fdb5450a6832b0720c1b321568aabd7535ce62c16067ad20c86e51712c3e78bc40945adc05c63565fd889

  • SSDEEP

    12288:2aWzgMg7v3qnCipErQohh0F4xCJ8lnydQEzFGZ3dRP6yWD:RaHMv6C1rjpnydQEOPdWD

Score
3/10
discovery

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Checks processor information in registry 2 TTPs 3 IoCs

    Processor information is often read in order to detect sandboxing environments.

  • Enumerates system info in registry 2 TTPs 3 IoCs
  • Suspicious behavior: AddClipboardFormatListener 2 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of AdjustPrivilegeToken 1 IoCs
  • Suspicious use of FindShellTrayWindow 64 IoCs
  • Suspicious use of SetWindowsHookEx 10 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\AutoClicker-3.1.exe
    "C:\Users\Admin\AppData\Local\Temp\AutoClicker-3.1.exe"
    1⤵
    • System Location Discovery: System Language Discovery
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of FindShellTrayWindow
    PID:4468
  • C:\Program Files\Microsoft Office\Root\Office16\WINWORD.EXE
    "C:\Program Files\Microsoft Office\Root\Office16\WINWORD.EXE" /n "C:\Users\Admin\Desktop\ConnectSkip.docx" /o ""
    1⤵
    • Checks processor information in registry
    • Enumerates system info in registry
    • Suspicious behavior: AddClipboardFormatListener
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of SetWindowsHookEx
    PID:2328
  • C:\Program Files\Microsoft Office\Root\Office16\WINWORD.EXE
    "C:\Program Files\Microsoft Office\Root\Office16\WINWORD.EXE" /n "C:\Users\Admin\Desktop\ConnectSkip.docx" /o ""
    1⤵
      PID:3204

    Network

    MITRE ATT&CK Enterprise v15

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • C:\Users\Admin\AppData\Local\Temp\TCDDD0.tmp\sist02.xsl
      Filesize

      245KB

      MD5

      f883b260a8d67082ea895c14bf56dd56

      SHA1

      7954565c1f243d46ad3b1e2f1baf3281451fc14b

      SHA256

      ef4835db41a485b56c2ef0ff7094bc2350460573a686182bc45fd6613480e353

      SHA512

      d95924a499f32d9b4d9a7d298502181f9e9048c21dbe0496fa3c3279b263d6f7d594b859111a99b1a53bd248ee69b867d7b1768c42e1e40934e0b990f0ce051e

      Download Submit

    • C:\Users\Admin\AppData\Roaming\Microsoft\Office\Recent\index.dat
      Filesize

      395B

      MD5

      c91e761d7dd1ea3b87d1c342ebd84d6f

      SHA1

      ed968c17facda8ae82b8206de9fad0aa0d5c1888

      SHA256

      5e85be3b28bba21fca81b3195291ee3e36277b0d810c78bbba26d04ed21a9517

      SHA512

      fe411f187b6af0aa10a4c7e746bd0fa17165b469d25af2c40564a08bd07f690c468192035d4534ea2acacfd2c42cd465da39775421458cfde0d316766786bc33

      Download Submit

    • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\fb3b0dbfee58fac8.customDestinations-ms
      Filesize

      2KB

      MD5

      a527c3debc9a403b5915006a2128974a

      SHA1

      c5ea7eb56b76beb49cabbd99134c5f7acbfd878e

      SHA256

      1a1b1a63a6d1ee6b95844511e75d26d8582fe6e616bd7c705e4b44e367cda961

      SHA512

      02f1b13d81beb3134d7e7e61c56dd4fb0f8d962f24c640333ef1fdecaba0124b2a729a3c8e3d52ad81c0dd116d3962915743734f73ebced4ce4380c9b25200b2

      Download Submit

    • memory/2328-24-0x00007FFE70B90000-0x00007FFE70D85000-memory.dmp

      Filesize

      2.0MB

      Download

    • memory/2328-64-0x00007FFE70B90000-0x00007FFE70D85000-memory.dmp

      Filesize

      2.0MB

      Download

    • memory/2328-13-0x00007FFE30C10000-0x00007FFE30C20000-memory.dmp

      Filesize

      64KB

      Download

    • memory/2328-15-0x00007FFE70B90000-0x00007FFE70D85000-memory.dmp

      Filesize

      2.0MB

      Download

    • memory/2328-17-0x00007FFE70B90000-0x00007FFE70D85000-memory.dmp

      Filesize

      2.0MB

      Download

    • memory/2328-230-0x00007FFE70B90000-0x00007FFE70D85000-memory.dmp

      Filesize

      2.0MB

      Download

    • memory/2328-14-0x00007FFE70B90000-0x00007FFE70D85000-memory.dmp

      Filesize

      2.0MB

      Download

    • memory/2328-20-0x00007FFE70B90000-0x00007FFE70D85000-memory.dmp

      Filesize

      2.0MB

      Download

    • memory/2328-19-0x00007FFE70B90000-0x00007FFE70D85000-memory.dmp

      Filesize

      2.0MB

      Download

    • memory/2328-18-0x00007FFE70B90000-0x00007FFE70D85000-memory.dmp

      Filesize

      2.0MB

      Download

    • memory/2328-22-0x00007FFE70B90000-0x00007FFE70D85000-memory.dmp

      Filesize

      2.0MB

      Download

    • memory/2328-23-0x00007FFE2EA50000-0x00007FFE2EA60000-memory.dmp

      Filesize

      64KB

      Download

    • memory/2328-21-0x00007FFE70B90000-0x00007FFE70D85000-memory.dmp

      Filesize

      2.0MB

      Download

    • memory/2328-25-0x00007FFE70B90000-0x00007FFE70D85000-memory.dmp

      Filesize

      2.0MB

      Download

    • memory/2328-27-0x00007FFE70B90000-0x00007FFE70D85000-memory.dmp

      Filesize

      2.0MB

      Download

    • memory/2328-28-0x00007FFE2EA50000-0x00007FFE2EA60000-memory.dmp

      Filesize

      64KB

      Download

    • memory/2328-26-0x00007FFE70B90000-0x00007FFE70D85000-memory.dmp

      Filesize

      2.0MB

      Download

    • memory/2328-9-0x00007FFE70C2D000-0x00007FFE70C2E000-memory.dmp

      Filesize

      4KB

      Download

    • memory/2328-12-0x00007FFE30C10000-0x00007FFE30C20000-memory.dmp

      Filesize

      64KB

      Download

    • memory/2328-8-0x00007FFE30C10000-0x00007FFE30C20000-memory.dmp

      Filesize

      64KB

      Download

    • memory/2328-16-0x00007FFE70B90000-0x00007FFE70D85000-memory.dmp

      Filesize

      2.0MB

      Download

    • memory/2328-75-0x00007FFE70B90000-0x00007FFE70D85000-memory.dmp

      Filesize

      2.0MB

      Download

    • memory/2328-11-0x00007FFE30C10000-0x00007FFE30C20000-memory.dmp

      Filesize

      64KB

      Download

    • memory/2328-59-0x00007FFE70B90000-0x00007FFE70D85000-memory.dmp

      Filesize

      2.0MB

      Download

    • memory/2328-65-0x00007FFE70B90000-0x00007FFE70D85000-memory.dmp

      Filesize

      2.0MB

      Download

    • memory/2328-66-0x00007FFE70B90000-0x00007FFE70D85000-memory.dmp

      Filesize

      2.0MB

      Download

    • memory/2328-68-0x00007FFE70B90000-0x00007FFE70D85000-memory.dmp

      Filesize

      2.0MB

      Download

    • memory/2328-67-0x00007FFE70B90000-0x00007FFE70D85000-memory.dmp

      Filesize

      2.0MB

      Download

    • memory/2328-10-0x00007FFE30C10000-0x00007FFE30C20000-memory.dmp

      Filesize

      64KB

      Download

    • memory/2328-63-0x00007FFE70B90000-0x00007FFE70D85000-memory.dmp

      Filesize

      2.0MB

      Download

    • memory/2328-62-0x00007FFE70B90000-0x00007FFE70D85000-memory.dmp

      Filesize

      2.0MB

      Download

    • memory/2328-61-0x00007FFE70B90000-0x00007FFE70D85000-memory.dmp

      Filesize

      2.0MB

      Download

    • memory/2328-60-0x00007FFE70C2D000-0x00007FFE70C2E000-memory.dmp

      Filesize

      4KB

      Download

    • memory/3204-40-0x00007FFE30C10000-0x00007FFE30C20000-memory.dmp

      Filesize

      64KB

      Download

    • memory/3204-38-0x00007FFE30C10000-0x00007FFE30C20000-memory.dmp

      Filesize

      64KB

      Download

    • memory/3204-41-0x00007FFE30C10000-0x00007FFE30C20000-memory.dmp

      Filesize

      64KB

      Download

    • memory/3204-39-0x00007FFE30C10000-0x00007FFE30C20000-memory.dmp

      Filesize

      64KB

      Download