Overview

overview

3

Static

static

3

BSTweaker5...r5.exe

windows7-x64

1

BSTweaker5...r5.exe

windows10-2004-x64

1

BSTweaker5...ip.dll

windows7-x64

1

BSTweaker5...ip.dll

windows10-2004-x64

1

BSTweaker5...op.dll

windows7-x64

1

BSTweaker5...op.dll

windows10-2004-x64

1

BSTweaker5...ns.dll

windows7-x64

1

BSTweaker5...ns.dll

windows10-2004-x64

1

BSTweaker5...ks.dll

windows7-x64

1

BSTweaker5...ks.dll

windows10-2004-x64

1

BSTweaker5...IO.dll

windows7-x64

1

BSTweaker5...IO.dll

windows10-2004-x64

1

BSTweaker5...me.dll

windows7-x64

1

BSTweaker5...me.dll

windows10-2004-x64

1

BSTweaker5...ks.dll

windows7-x64

1

BSTweaker5...ks.dll

windows10-2004-x64

1

BSTweaker5...bs.dll

windows7-x64

1

BSTweaker5...bs.dll

windows10-2004-x64

1

BSTweaker5...s2.dll

windows7-x64

1

BSTweaker5...s2.dll

windows10-2004-x64

1

BSTweaker5...79.apk

android-9-x86

BSTweaker5...79.apk

android-10-x64

BSTweaker5...79.apk

android-11-x64

BSTweaker5.../suX86

ubuntu-18.04-amd64

1

Analysis

  • max time kernel
    146s
  • max time network
    152s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231020-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231020-enlocale:en-usos:windows10-2004-x64system
  • submitted
    16/11/2023, 02:00

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    BSTweaker5/DLLs/Microsoft.Threading.Tasks.Extensions.Desktop.dll

  • Size

    46KB

  • MD5

    e548a93d16964e52868c47cef1c98f2e

  • SHA1

    4b96b0aa48f6ac050a764c7d65f4129a9bb8cf21

  • SHA256

    f71621c47c610e0886846cf53d955fd0e7448951f99ecc22facd47493ef97a87

  • SHA512

    fd1377b5d2d792eccf2ab9a01529838f178126fd6748da8e27cbc908ea83813fb4de021aa88989186459fef1c11be76aaf8b29b2291203d5f34f98361acf77ab

  • SSDEEP

    768:bsoKLggFUyETHj0Y5m64r+B6yP5wwWGZ8iJvHWrI:DKUgSyyD0Y5tVwwlZ8AWrI

Score
1/10

Malware Config

Signatures

  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\BSTweaker5\DLLs\Microsoft.Threading.Tasks.Extensions.Desktop.dll,#1
    1⤵
      PID:4216
    • C:\Windows\system32\rundll32.exe
      "C:\Windows\system32\rundll32.exe" "C:\Windows\SYSTEM32\EDGEHTML.dll",#141 Microsoft.VCLibs.140.00_8wekyb3d8bbwe
      1⤵
        PID:4476
      • C:\Windows\System32\svchost.exe
        C:\Windows\System32\svchost.exe -k UnistackSvcGroup
        1⤵
        • Suspicious use of AdjustPrivilegeToken
        PID:2192

      Network

      MITRE ATT&CK Matrix

      Replay Monitor

      Loading Replay Monitor...

      Downloads

      • C:\Users\Admin\AppData\Local\Comms\UnistoreDB\store.jfm
        Filesize

        16KB

        MD5

        682c2d1d05088d5e941d1ead175c0f35

        SHA1

        d15efbc56966f02b01b179f00c431ae2c9c4e70f

        SHA256

        e2305d0bc4975bdc19e2488438b6879e5251f96491b4936c819b5c703eb33773

        SHA512

        7f764250def8e866cd0b692507ca9af11c25bd239eaba33a1d3960aeb429d6efdd90a6f27d3d29fa90f26e05b3e735490aca1c510938c669d4913cdea5bfc174

        Download Submit

      • memory/2192-40-0x0000015FEAE00000-0x0000015FEAE01000-memory.dmp

        Filesize

        4KB

        Download

      • memory/2192-42-0x0000015FEC000000-0x0000015FEC001000-memory.dmp

        Filesize

        4KB

        Download

      • memory/2192-33-0x0000015FEAE00000-0x0000015FEAE01000-memory.dmp

        Filesize

        4KB

        Download

      • memory/2192-34-0x0000015FEAE00000-0x0000015FEAE01000-memory.dmp

        Filesize

        4KB

        Download

      • memory/2192-35-0x0000015FEAE00000-0x0000015FEAE01000-memory.dmp

        Filesize

        4KB

        Download

      • memory/2192-36-0x0000015FEAE00000-0x0000015FEAE01000-memory.dmp

        Filesize

        4KB

        Download

      • memory/2192-37-0x0000015FEAE00000-0x0000015FEAE01000-memory.dmp

        Filesize

        4KB

        Download

      • memory/2192-38-0x0000015FEAE00000-0x0000015FEAE01000-memory.dmp

        Filesize

        4KB

        Download

      • memory/2192-39-0x0000015FEAE00000-0x0000015FEAE01000-memory.dmp

        Filesize

        4KB

        Download

      • memory/2192-43-0x0000015FEAA30000-0x0000015FEAA31000-memory.dmp

        Filesize

        4KB

        Download

      • memory/2192-32-0x0000015FEADE0000-0x0000015FEADE1000-memory.dmp

        Filesize

        4KB

        Download

      • memory/2192-41-0x0000015FEC000000-0x0000015FEC001000-memory.dmp

        Filesize

        4KB

        Download

      • memory/2192-0-0x0000015FE2740000-0x0000015FE2750000-memory.dmp

        Filesize

        64KB

        Download

      • memory/2192-44-0x0000015FEAA20000-0x0000015FEAA21000-memory.dmp

        Filesize

        4KB

        Download

      • memory/2192-46-0x0000015FEAA30000-0x0000015FEAA31000-memory.dmp

        Filesize

        4KB

        Download

      • memory/2192-49-0x0000015FEAA20000-0x0000015FEAA21000-memory.dmp

        Filesize

        4KB

        Download

      • memory/2192-52-0x0000015FEA960000-0x0000015FEA961000-memory.dmp

        Filesize

        4KB

        Download

      • memory/2192-64-0x0000015FEAB60000-0x0000015FEAB61000-memory.dmp

        Filesize

        4KB

        Download

      • memory/2192-16-0x0000015FE2840000-0x0000015FE2850000-memory.dmp

        Filesize

        64KB

        Download

      • memory/2192-66-0x0000015FEAB70000-0x0000015FEAB71000-memory.dmp

        Filesize

        4KB

        Download

      • memory/2192-67-0x0000015FEAB70000-0x0000015FEAB71000-memory.dmp

        Filesize

        4KB

        Download

      • memory/2192-68-0x0000015FEAC80000-0x0000015FEAC81000-memory.dmp

        Filesize

        4KB

        Download