Analysis

  • max time kernel
    149s
  • max time network
    140s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230220-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230220-enlocale:en-usos:windows10-2004-x64system
  • submitted
    17-05-2023 21:32

General

  • Target

    AS.bin.dll

  • Size

    6.1MB

  • MD5

    3e83b87371048459516879706507bb81

  • SHA1

    181823bd5aa2fa6b40d2e31634932eb6b3000a67

  • SHA256

    e8d81e7b25128035e30e271708d66efaf12c490114042e1e493a0c816d374414

  • SHA512

    36eaf72260e7e5e5abe328056f71d9035790a09e00a342b3077767b028dee32d42e7b0604f48639b9bcc51a18dbc22280df8a5ebfbe8d5f60c3c25a2a53946a5

  • SSDEEP

    98304:DTgpwS4t7BDf+UH0DUUGeiWtbeS5vaMfhzGuTIAFBXsTfneuVnPI:sVwUGeFbeSNa+aZEB8LneuxI

Score
1/10

Malware Config

Signatures

  • Suspicious use of AdjustPrivilegeToken 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\AS.bin.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:436
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\AS.bin.dll,#1
      2⤵
      • Suspicious use of AdjustPrivilegeToken
      PID:4608

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads