Overview

overview

3

Static

static

3

BINDInstall.exe

windows7-x64

1

BINDInstall.exe

windows10-2004-x64

1

Bv9ARM.ch01.html

windows7-x64

1

Bv9ARM.ch01.html

windows10-2004-x64

1

Bv9ARM.ch02.html

windows7-x64

1

Bv9ARM.ch02.html

windows10-2004-x64

1

Bv9ARM.ch03.html

windows7-x64

1

Bv9ARM.ch03.html

windows10-2004-x64

1

Bv9ARM.ch04.html

windows7-x64

1

Bv9ARM.ch04.html

windows10-2004-x64

1

Bv9ARM.ch05.html

windows7-x64

1

Bv9ARM.ch05.html

windows10-2004-x64

1

Bv9ARM.ch06.html

windows7-x64

1

Bv9ARM.ch06.html

windows10-2004-x64

1

Bv9ARM.ch07.html

windows7-x64

1

Bv9ARM.ch07.html

windows10-2004-x64

1

Bv9ARM.ch08.html

windows7-x64

1

Bv9ARM.ch08.html

windows10-2004-x64

1

Bv9ARM.ch09.html

windows7-x64

1

Bv9ARM.ch09.html

windows10-2004-x64

1

Bv9ARM.ch10.html

windows7-x64

1

Bv9ARM.ch10.html

windows10-2004-x64

1

Bv9ARM.ch11.html

windows7-x64

1

Bv9ARM.ch11.html

windows10-2004-x64

1

Bv9ARM.ch12.html

windows7-x64

1

Bv9ARM.ch12.html

windows10-2004-x64

1

Bv9ARM.ch13.html

windows7-x64

1

Bv9ARM.ch13.html

windows10-2004-x64

1

Bv9ARM.html

windows7-x64

1

Bv9ARM.html

windows10-2004-x64

1

Bv9ARM.pdf

windows7-x64

1

Bv9ARM.pdf

windows10-2004-x64

1

Analysis

  • max time kernel
    137s
  • max time network
    137s
  • platform
    windows7_x64
  • resource
    win7-20231023-en
  • resource tags

    arch:x64arch:x86image:win7-20231023-enlocale:en-usos:windows7-x64system
  • submitted
    07-11-2023 13:43

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Bv9ARM.ch13.html

  • Size

    7KB

  • MD5

    de388f556bb5d8feda37c1746f65f638

  • SHA1

    5be64f5f787178107362db94cceaf109fc3f7b55

  • SHA256

    fdb28b3f7cc05f84fb8ef2f6b120276b6eeb27d52e5ccb84ebc6c103fbc8228a

  • SHA512

    5bd3f60a9a2c20ff89dace9e17f89c37a6bbb37ccdc6e107e06c538c3195e5e4b51b9368c75139fd8e3f40f79720cc7815428c4fe2e0e34a8f1aa2e20b7d92c6

  • SSDEEP

    96:nBAvOHev5peVuyNaLgkAKyffwSkiIxNKgegYI7XJ4zJa1JUC/bPfKD+qmWzrzbK8:nyvOHq7yNSuYSk7ma1UDHaHPry3R

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\Bv9ARM.ch13.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1656
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1656 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2832

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    12838dda7400ffcdff70e0d85936bad9

    SHA1

    28ded4a9e8a5c2a14d5c94acf0650e4a11bc07e0

    SHA256

    38cc1102fbc83e174e610a2de4357531fb1f8fe30f843dabd1216329cbc54761

    SHA512

    821ba5a102c3e188e46d01f350f781a3d8df47735b4d203ce07af72b24184459912575c57d079188ff4b8591c14540020eb5b9b753dbd2ad14fec70170bbe69c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b6e6c0a656b8ecff3fbb3cae809c0a11

    SHA1

    b408303f83c41a9cc73a14529c01471f95325d6c

    SHA256

    6dc294320b8d344e5ebe91ecc1c4122815547b257febe6f234fa7597d7ee84bb

    SHA512

    a2fd193f53f36c15e8e346b889e4db3f091123713b3f2d6314a4578de4c8dd7f6248a9bf2fe60ab1b7e2df27da3abfaba47680b47d69fe10f6d021adc9ce55ff

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    977765483f30fd9202ec42dd66137509

    SHA1

    2a023045893ceb32603a88e7af82d75315487e4b

    SHA256

    6315fe81df182a40546f4cdd391e50a50ce9790ee3186b40b21d8e8fafc1cf9e

    SHA512

    b3ac3bcbccf57e05ce02c2a61588041b87a94a06d4b19200514b3a7888beacf5d5f5a9581b9cf533a7006a0eef70b1d7cbcd406b1df5defbb8e7e9c841b27b3a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    7649253a7b40b67ca1deb9550386f41e

    SHA1

    3bc5c3dcc868e6f93cba3533fca014224adfc69b

    SHA256

    17b7f086e8f4dbcd03df5f626072eab43c565b541adc160113de52af7281f203

    SHA512

    63cdabc14241099a8652d3c9b642b8f9d6be2320b3f709ea30bc8e89adffd32a270407a6b11caea2085269c758cdfc4ebbe76822be05ec259b85585b372a149a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    07c99e35d12d9f3511b521aa8899ea0b

    SHA1

    c7b200d5ee8d3168952a2bb1b8b671eded57e464

    SHA256

    dafb634a8b96d6083eeb8aae45accfe057d2f5917d961526912f34ac4ae7e4d3

    SHA512

    4022cf762713d0560059a6e475a76982c704d03a8962bd45935c685914bc99d9717b1d155942450d7e4122483e7eb75777b6f3aec3aee58a2703b4e22f6d440b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c4fab21ebce238a55e4ee01fa1183489

    SHA1

    81eda4e2e0e8387477f2f38d90e5b1ab0a6cc91d

    SHA256

    6da9dad0f4a8bcfeef53669140b9ad7fb2f25fa3bf70985f1b71bb7439008349

    SHA512

    b7a4c3b9c05376ed65e3fd1282a3acd524976e0e875cb065484993a4174210f40c40972996194512fece4fb727898f7790e075013ae1d8eef5c3158e88416e1b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    60d0b04ecc40a70c2d2c4599d37ed56a

    SHA1

    f71bdd3436d091ae7e09f8832aeafedf1d28bc33

    SHA256

    5d339bb899096a366fd6dbd45faf22ab97a8c885e5d37130e6dff51193316d1e

    SHA512

    4909511a86dc9f84cd5154fdfa1eccd478d3c7078325f345cacb8b6379e8f1faaa36803213a729113907d3e0fcd289aab23689c5ab8a146149d0936f6bf01b7b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    7c0e53d7f0b287eeb179615b681a3d6e

    SHA1

    18a7615a7776e3dbffbbb70bcddc1474005f8de8

    SHA256

    2b615a56c2638c65b0c5f746ede7c2160e6520df0d7286e669dcad0058d879ba

    SHA512

    2c63e6c7d2d6e688248344ecb1d894e848dbeab72899365ebdcd6689d1337a900e0f7158153d3153bd3e11ecfd6e5185eefdfc84fd89e6e6ef5e47018a891c17

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    28f5257ce72826eb80277b26a7ac105b

    SHA1

    cb1cd1c4820f2d7e8cae3024a56b58b783d39480

    SHA256

    7dd8bdda04384d520435f91d3412ce753521d504d03ce40513c8a48ccaf1c24f

    SHA512

    fec4483b36cc472f89f9cba0676f345e13dea8520dca746019da15db87d9477981f5c693666a2911b5a6a69c78c2f24b371ce7ef2ed948183e08e1d18fd2e80c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f4305fab4943709e1ea7aae4ac351584

    SHA1

    12be8023d57e72586a73d41ff6ff6a9d5a3403d7

    SHA256

    71c04bfea7d84a5962d602ffc0e97767a73a59c080722372469b6ab9c54324f6

    SHA512

    2f33af74361053e80b4c20c40f35135ef8a6dc74b14a91669dcbe67820c707223e7237f09f1ec568a41212b680891af3df77aaa63cf10b372551894caf08199a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    47942a230f8d232ea74b1e7ff0114964

    SHA1

    f89e3b6243afecec45b733b3abd98e2a375a6b54

    SHA256

    c618baadf9b3ee371f8d7485e63c1705a44e467222a642f0f528cdf5cf791bb4

    SHA512

    8c1fb35cd4d566d7eed7b9df98bbc6f2fe1ba8334304ad9fcbe2811962ddd0036ec36567e6d1e51e4b94199a5a9d9d894a43d5337b025fb5da9c4cba4658f7fd

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ba0b0b4bc9c592c3d610949849d3e00a

    SHA1

    d21b73da79f0deac9c6ca443cc5cf0ddd321e611

    SHA256

    0a9bcdc21dea6e5c1e1b1a0a107b820ff7c01db637083d01cd9fda14d34c83e6

    SHA512

    f1df0893318dd6ad7966ace032d284de14cb57fe5075e7f3c865546aab35449d139585aa248609cce4626095f153f14aeec0eac369c60fb10c5042ba45d1222f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f28222443733ce3141f2c4bb4b7e5526

    SHA1

    d24bd29275546321654956154f9724fe1e4d1e83

    SHA256

    cb430ee5c18ac0b1a868a806e644d9163206ac8896bd2c7aeb169ad9364b4b44

    SHA512

    41ce7df12775c519603fef1ecd3b09deddb58ee08e757da442af0e8382174b04463e98a85323f8ffae616080d189d99e3c309d2dd269c71755c28d05f803cf61

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    6aad7a1c862dfa0c5879ebe264f095a6

    SHA1

    005f976eead18446845a28a15c6b1a4320c4cb2d

    SHA256

    c92d15c5d72b2923eeed608c2b530ee7e0f6a07738a2bace2b93d6f689f75889

    SHA512

    4e5641353180e9116d9f5ddd42e31ea3c0396c3e72f2029624260f056940325b83e139b39d605dc76c926ce9fa923e24bbb578e55cc6158de23bbbb9fd4c04e9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b6fc4cc425394aa7c122b9454b31e5c6

    SHA1

    d4b610c683fdec0c0acf4970f2b66f7bbc074d27

    SHA256

    e0ec6b6e5d085126ef815a1163190d45c76d77d26ece811a17c36bbe7445589a

    SHA512

    c1d2db41321f92bee4ece70e2a3140a61ed9b5316abd73d48624d25885b94006f454f4b71b60d90a976847476cea0cf3febbc727c310e52a554ba372ead8789b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab981D.tmp
    Filesize

    61KB

    MD5

    f3441b8572aae8801c04f3060b550443

    SHA1

    4ef0a35436125d6821831ef36c28ffaf196cda15

    SHA256

    6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

    SHA512

    5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar9871.tmp
    Filesize

    163KB

    MD5

    9441737383d21192400eca82fda910ec

    SHA1

    725e0d606a4fc9ba44aa8ffde65bed15e65367e4

    SHA256

    bc3a6e84e41faeb57e7c21aa3b60c2a64777107009727c5b7c0ed8fe658909e5

    SHA512

    7608dd653a66cd364392a78d4711b48d1707768d36996e4d38871c6843b5714e1d7da4b4cc6db969e6000cfa182bcb74216ef6823d1063f036fc5c3413fb8dcf

    Download Submit