Overview

overview

3

Static

static

3

BINDInstall.exe

windows7-x64

1

BINDInstall.exe

windows10-2004-x64

1

Bv9ARM.ch01.html

windows7-x64

1

Bv9ARM.ch01.html

windows10-2004-x64

1

Bv9ARM.ch02.html

windows7-x64

1

Bv9ARM.ch02.html

windows10-2004-x64

1

Bv9ARM.ch03.html

windows7-x64

1

Bv9ARM.ch03.html

windows10-2004-x64

1

Bv9ARM.ch04.html

windows7-x64

1

Bv9ARM.ch04.html

windows10-2004-x64

1

Bv9ARM.ch05.html

windows7-x64

1

Bv9ARM.ch05.html

windows10-2004-x64

1

Bv9ARM.ch06.html

windows7-x64

1

Bv9ARM.ch06.html

windows10-2004-x64

1

Bv9ARM.ch07.html

windows7-x64

1

Bv9ARM.ch07.html

windows10-2004-x64

1

Bv9ARM.ch08.html

windows7-x64

1

Bv9ARM.ch08.html

windows10-2004-x64

1

Bv9ARM.ch09.html

windows7-x64

1

Bv9ARM.ch09.html

windows10-2004-x64

1

Bv9ARM.ch10.html

windows7-x64

1

Bv9ARM.ch10.html

windows10-2004-x64

1

Bv9ARM.ch11.html

windows7-x64

1

Bv9ARM.ch11.html

windows10-2004-x64

1

Bv9ARM.ch12.html

windows7-x64

1

Bv9ARM.ch12.html

windows10-2004-x64

1

Bv9ARM.ch13.html

windows7-x64

1

Bv9ARM.ch13.html

windows10-2004-x64

1

Bv9ARM.html

windows7-x64

1

Bv9ARM.html

windows10-2004-x64

1

Bv9ARM.pdf

windows7-x64

1

Bv9ARM.pdf

windows10-2004-x64

1

Analysis

  • max time kernel
    118s
  • max time network
    213s
  • platform
    windows7_x64
  • resource
    win7-20231023-en
  • resource tags

    arch:x64arch:x86image:win7-20231023-enlocale:en-usos:windows7-x64system
  • submitted
    07-11-2023 13:43

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Bv9ARM.ch01.html

  • Size

    25KB

  • MD5

    823798e44dab8ebd22c3332fb1b22773

  • SHA1

    236568c9e4c4a5365ff5450e4cc5a06afdbbb98b

  • SHA256

    b2c2b47bb319dc377a2b533eaf11decd4b1c126928b8f998cbf1e9adffa73dbd

  • SHA512

    2f3f2c6aeb24c26e8490c4b18b3c88a52d446858a3168b0e9bcba1af35580a52609a09e56e3df3a1ac22d52f58cf09e8a897dd64100b6835385d60469caf19a2

  • SSDEEP

    384:nyvO8QY53GdYrtYLzYGzfZTal+O86gUGpp8lR:n0OoQgYNZTdOWtDuR

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\Bv9ARM.ch01.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2676
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2676 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2656

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e31c88207de8de67482604df4b46747e

    SHA1

    5d2075320ee13c4373bbc36fba1a951b2515d4ff

    SHA256

    03f601fb0a8f080870afb664241757223fb1baa3da460ec493c08012603f81b3

    SHA512

    9a4041d699f7246b1525e076248ef24099de4ce9b0243ee069b84e7a10764fb7dcc81f8aa1c7d5d469aae66a95e46cc487200eb146e25b34fd0c76c4b74022c8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    64662aba4acd2781ab44ebcfa180e5a8

    SHA1

    402cba0220456ff914c715f7aabeb958f86cdd5b

    SHA256

    9d4ff2b543f1c1d3cd158baa6b1fa4e2ceed32dde83bd61a5c8a351b788b2193

    SHA512

    8af1dd250bb69e1de84e0cf98031289c6bc57d292a1c17cc08d62ad4f685e04519fced941ae476a9ab206c5beae6aa6ffe87d6c6cd8fa389546318d29c30c5d7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    7982d35b41e400b81f4f975e78afee01

    SHA1

    78560eef303afc593c9992e27fa5696b5072665b

    SHA256

    946f0c98fba009cdeabca18b85a0ad6fa6795416931d2e37a2278aacf756d0ce

    SHA512

    0ee0663aed6ef85cc532704d10c124945eec1c5f45bad1e0c43dbe513ae3e35b8eadb27a9eb4e1f771eef2746efaa86ddac634ea9261376c9a6dc4881a053e8d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    3f4f674bfe5aab3fbbf5abe411d83983

    SHA1

    3945f09c9cd749eda0319a090cda4e9c08c53fb8

    SHA256

    2f3c99023ff93b877736d1450cc03960bdcedeb145b089dacd02a90b020b1bea

    SHA512

    a0dd58c6944f3310f2f2595f73eea09a579cc88078f60807fb4922309bfe83bc38e1781451884b07c83b385f2e36831ce192907272725ad9814928919a2283a7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    fb89901b86a71e3bfec3c1cedb8bcdbb

    SHA1

    2ece1819bc9348a14f019fdb267aedc0d2762c76

    SHA256

    7484bf8d4ecf34c8049d0d78da0b3047f3e340e330926aff5f426ad83ed73424

    SHA512

    671f8fb439631e625a0174657ce6fabaa6a7c3dc6c1555e528a0aeecb6a8f4459b9c81ebcdb3819b329428def35492ac0867483747f7049da882032d8d5bb821

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    161e582a5b3e93bee171645456f99648

    SHA1

    f2d33da5349a745f03b686afbd74ae16e015190c

    SHA256

    452246c303a694038279df105e0b3292a348fb9bfe8ef4a5ae0fc24717c2b475

    SHA512

    069877cdf77eea2f88dc299f26daa65929bf30b25c0d83ca488f77a6c4b6df4b58324a3348b1291abbe21a9d2c07f211f431677757a90219006bc3d4e57def3b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    17a3f8b77a4f89987d734a59be10ed2f

    SHA1

    d1b1d25a4a09458d4e9c7afa38fc4b9a4b21e37f

    SHA256

    16ffbddcaed47848a9416d75689e34d5b2b14080428fd49be67b5c074ea19c85

    SHA512

    efc699f1092b8efb291c0a6bcd1743f89ff50b8d0bbdf69326de2c928025a1a6f5ac85067c71ae933897c3f9b48465474e55d2a5b4293da40a37b037aa227b71

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    9905113934b3fc39b025c0252f3c60bf

    SHA1

    159b99b6328774d949164b327e8fe1294e508d71

    SHA256

    901eae4d4c16704b990564ce4cd6fd1f75d0555c717ff7742568d2f4bb87b472

    SHA512

    9a8f9a14435063f64c718b79eef758796bf42b933930dece7ed87ae504a092d500e03c4157c6ac9298c769faac80f261be613ac8f4f36bb5b74b3e8accabadc3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    5d64dfbc1d5423d753c043c92f03ff6d

    SHA1

    54f912bd6eee054f47eef381ad42868249dcfc83

    SHA256

    eff33a138cc8f25661c914491c33c2f8eed762afdec01aaf5dfca434714b44a6

    SHA512

    ecf7365007adb7f70fc94d7bce1cdf1c489c07e5610b07d3b8e8daf5dc010a1962d9bae261650e113808d6684b842dd8d57a0a95f18ff61019f00572c54580ae

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    4fa3899ad4e0819ddf8ffabcbec234ef

    SHA1

    4e1e8cab0ab4dfc2d40e10657840db77235fa66d

    SHA256

    4eca85a16a21dddbf47f9bcd36689fae55255e41f187a89dd5b45590b1a820d1

    SHA512

    14c5f20cdf9b5171a2847a1854e89ce88c89675a1521970b1088f559366d28daa86cda44d7d69fd0c7e565d88de2f516ffc13c8c2c4a179fc13f0ad23b2938c0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    edfca4bc6055813be0abf246ade19f89

    SHA1

    6421c2d5ca8c9398ad931e6eba31df36d50ab2cd

    SHA256

    626fb9bbe80b2778f7481cd4d7f3600e462e2eb702c6fe1d6f43ef67a79dd344

    SHA512

    2c0ebc1fb59d4312c8961105a9ba6d0979eb3b5efa6808f4d4e51766fd964b9682c7bae20031d7509578222dc31f0e0b7369416953f7415e66fcc9197fc8f9ce

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    58d82a73ce2b481d483e13ad89d552a2

    SHA1

    5039fc4d6f29f08fc84e462c4423ef711725a0f9

    SHA256

    4d55275584bdccad52897ea2cf0be441eb563988c5d7156eac0d92c4ed2312ed

    SHA512

    05c49f1d3fd817ad62f9901c200bd93ee6875fdb187592ed09ba981ba151f0d85b94635d43c42fc15ae35d6a118594aecdf97d9c879d3a368fcfd6970fb906a7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    3fa7947f09619b8749d94d3799b71cdc

    SHA1

    281cdb98527a5af71ef361e9bbae705c5d87339c

    SHA256

    42374579164ef628fa9b3c8ee1d8b8b3577e0ccfaa56fb64b8d43db437b79849

    SHA512

    d5dbb931a9013510ba83fc5cad554e6a5840169b248603146241316b91ffeb04f0549b4c80175cfe6741ef42b475d3c234932c970476327dbecc8b46aa1aeef5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    3faed4158bce6dd70505419c57dc607f

    SHA1

    9c2f7a8b986a2712bd79f5c43730d50a3a029f61

    SHA256

    eacbaeaf0a0ae187c12f1de2c243f4d2153e2c0b1f789fa0f05a8dc630837ba4

    SHA512

    5a2c1f0c80c40f3238177283bcf016e384ae4f5eb7d6a0e987cd9ba22ace98c09adb020c1159fa21f5f2b09d5a1005036c23c888ffca3507acd2c5d2600ecd77

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1a8df623706d83c0bf9e74265057a424

    SHA1

    b298b164ead7d1e8227c8664b034e6f55bb5f3ed

    SHA256

    2730ff72a6812842ce9a309c70b85bef4d37fbac5630a4e03bd004f939a9a477

    SHA512

    d894084699dfa31c5445fd7f24e918260a1615d1f0cf586f14a5029744d9b5d3e6118d3bfbd3552aec5c86580c3b6b14ea8dd2b1b8c7385d334d3fd89c758448

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    02c5150dd33d8945cb90569c50125da1

    SHA1

    dd7d6de87f04d6cded22d9df640f1a572fd4abe8

    SHA256

    f95d9768aa4ba824bf09e6f9481354222cc56ad31e0d4c3be565ae76f6bf06c7

    SHA512

    9e47fc6263962a073bf2c4d4ee7fe276c14383694bb6bf434c5dd381891aca511a9d41e92840d22edaaea06ffb4a7b5b3d8895057f799fa0f1805c595b041f38

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f33f9f0354c5b37c7c28dd96ed914b1c

    SHA1

    b3d5a0ffd790f4d8f4d5ac94dc13f67f3e486c38

    SHA256

    18dcfb90da3a44cd072c64ac99bb8febc788b7aa21694a7d18546c1d672bdb08

    SHA512

    c1bf64f58bf3db557a203a9a23ada3f997935e6c6d16824e9f05b3ccfb2e0938b2352df2cc83c0c2e7bb0cb5ed9b76840f1819ba21548ea31ca4249530de1f17

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    0726b4477258239d653909f84cd0078e

    SHA1

    5b7229c9ff684353078fa9a987fbbd649d4a27de

    SHA256

    ece6b0a89114fcb984b7d861673f1286d0d031893a5703083758396f1638ffa9

    SHA512

    30b03b3799352e5d8ed90431d2d705dbb0f26581d213790e54c0e67282ad42c08c75bccfb599ebee7b782b3607c7f59069b3f1615e0a54786402aed989f80b2b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    bbd6976a5ec29b124787ad18b645c68c

    SHA1

    2133e79834d10a95cee9a5c1dc658dd420678636

    SHA256

    297f5012483d8cc016fb6c223c0af686a0702a0485d10cddeafd7822ccee0c54

    SHA512

    1902d47fe73c8c5de722bf4516ae37a1b5654a7d807bf4bea34160319abc7f7c4af2c6108fe3c8e3d5f46d9ff870e8484e36c6789ef3814e335daaa8ef07422d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab8E5E.tmp
    Filesize

    61KB

    MD5

    f3441b8572aae8801c04f3060b550443

    SHA1

    4ef0a35436125d6821831ef36c28ffaf196cda15

    SHA256

    6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

    SHA512

    5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar8EC0.tmp
    Filesize

    163KB

    MD5

    9441737383d21192400eca82fda910ec

    SHA1

    725e0d606a4fc9ba44aa8ffde65bed15e65367e4

    SHA256

    bc3a6e84e41faeb57e7c21aa3b60c2a64777107009727c5b7c0ed8fe658909e5

    SHA512

    7608dd653a66cd364392a78d4711b48d1707768d36996e4d38871c6843b5714e1d7da4b4cc6db969e6000cfa182bcb74216ef6823d1063f036fc5c3413fb8dcf

    Download Submit