Overview

overview

7

Static

static

7

Aspect/AntiCrack.dll

windows7-x64

1

Aspect/AntiCrack.dll

windows10-2004-x64

1

Aspect/Aspect.dll

windows7-x64

7

Aspect/Aspect.dll

windows10-2004-x64

7

Aspect/Aspect.exe

windows7-x64

1

Aspect/Aspect.exe

windows10-2004-x64

1

Aspect/ICS...it.dll

windows7-x64

1

Aspect/ICS...it.dll

windows10-2004-x64

1

Aspect/New...on.dll

windows7-x64

1

Aspect/New...on.dll

windows10-2004-x64

1

Analysis

  • max time kernel
    139s
  • max time network
    136s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230915-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230915-enlocale:en-usos:windows10-2004-x64system
  • submitted
    07-10-2023 16:10

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Aspect/ICSharpCode.AvalonEdit.dll

  • Size

    598KB

  • MD5

    b6142f182a86adf382ea845935a327bc

  • SHA1

    841367a389b4df1207224a26f9e201e593d551d1

  • SHA256

    7225253a9ca59db879340f9ea8ee4f48006ceadf878d04b446522007fbe3ebb3

  • SHA512

    a5e4941409b4b06fdf44ec5ebfb5d99cec47b1f348e266e7dc20254e5465deb1abf60d67092b5aa1bd14f52d637b52b380382f838d601b0f3734ea5a406fb068

  • SSDEEP

    6144:m7zJDqOpyhu6XzDnHYRdioOfP/5GvVTBz/xz0z77OxRmvdM+lNsjXU+9NKsTLO0l:C/9R9VONf

Score
1/10

Malware Config

Signatures

  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\Aspect\ICSharpCode.AvalonEdit.dll,#1
    1⤵
      PID:4604
    • C:\Windows\system32\rundll32.exe
      "C:\Windows\system32\rundll32.exe" "C:\Windows\SYSTEM32\EDGEHTML.dll",#141 Microsoft.VCLibs.140.00_8wekyb3d8bbwe
      1⤵
        PID:2080
      • C:\Windows\System32\svchost.exe
        C:\Windows\System32\svchost.exe -k UnistackSvcGroup
        1⤵
        • Suspicious use of AdjustPrivilegeToken
        PID:3656

      Network

      MITRE ATT&CK Matrix

      Replay Monitor

      Loading Replay Monitor...

      Downloads

      • C:\Users\Admin\AppData\Local\Comms\UnistoreDB\store.jfm
        Filesize

        16KB

        MD5

        5d8eea9d2ea43e7e5710bf34d8eb443d

        SHA1

        88cf9c6b4d4f96a02cf85c135b567adced6eddd5

        SHA256

        7787c4ef19dd88170e26dd995632a2a2f96a65da8f66b33d23fb41a1387091da

        SHA512

        72ff03d3a7406fa729fd05ff6507734d78de7e743b71b6a59b006ab513663aa04df676981f621bb0c19a11a22e67e3b555e5fad8dc62ef1e9e75ccaca7b37dd3

        Download Submit

      • memory/3656-40-0x000001F60CF90000-0x000001F60CF91000-memory.dmp

        Filesize

        4KB

        Download

      • memory/3656-33-0x000001F60CF90000-0x000001F60CF91000-memory.dmp

        Filesize

        4KB

        Download

      • memory/3656-42-0x000001F60CF90000-0x000001F60CF91000-memory.dmp

        Filesize

        4KB

        Download

      • memory/3656-34-0x000001F60CF90000-0x000001F60CF91000-memory.dmp

        Filesize

        4KB

        Download

      • memory/3656-35-0x000001F60CF90000-0x000001F60CF91000-memory.dmp

        Filesize

        4KB

        Download

      • memory/3656-36-0x000001F60CF90000-0x000001F60CF91000-memory.dmp

        Filesize

        4KB

        Download

      • memory/3656-37-0x000001F60CF90000-0x000001F60CF91000-memory.dmp

        Filesize

        4KB

        Download

      • memory/3656-39-0x000001F60CF90000-0x000001F60CF91000-memory.dmp

        Filesize

        4KB

        Download

      • memory/3656-43-0x000001F60CCB0000-0x000001F60CCB1000-memory.dmp

        Filesize

        4KB

        Download

      • memory/3656-0-0x000001F604970000-0x000001F604980000-memory.dmp

        Filesize

        64KB

        Download

      • memory/3656-68-0x000001F60CF00000-0x000001F60CF01000-memory.dmp

        Filesize

        4KB

        Download

      • memory/3656-32-0x000001F60CF60000-0x000001F60CF61000-memory.dmp

        Filesize

        4KB

        Download

      • memory/3656-38-0x000001F60CF90000-0x000001F60CF91000-memory.dmp

        Filesize

        4KB

        Download

      • memory/3656-44-0x000001F60CCA0000-0x000001F60CCA1000-memory.dmp

        Filesize

        4KB

        Download

      • memory/3656-46-0x000001F60CCB0000-0x000001F60CCB1000-memory.dmp

        Filesize

        4KB

        Download

      • memory/3656-49-0x000001F60CCA0000-0x000001F60CCA1000-memory.dmp

        Filesize

        4KB

        Download

      • memory/3656-52-0x000001F60CBE0000-0x000001F60CBE1000-memory.dmp

        Filesize

        4KB

        Download

      • memory/3656-16-0x000001F604A70000-0x000001F604A80000-memory.dmp

        Filesize

        64KB

        Download

      • memory/3656-64-0x000001F60CDE0000-0x000001F60CDE1000-memory.dmp

        Filesize

        4KB

        Download

      • memory/3656-66-0x000001F60CDF0000-0x000001F60CDF1000-memory.dmp

        Filesize

        4KB

        Download

      • memory/3656-67-0x000001F60CDF0000-0x000001F60CDF1000-memory.dmp

        Filesize

        4KB

        Download

      • memory/3656-41-0x000001F60CF90000-0x000001F60CF91000-memory.dmp

        Filesize

        4KB

        Download