Overview

overview

3

Static

static

3

BINDInstall.exe

windows7-x64

1

BINDInstall.exe

windows10-2004-x64

1

Bv9ARM.ch01.html

windows7-x64

1

Bv9ARM.ch01.html

windows10-2004-x64

1

Bv9ARM.ch02.html

windows7-x64

1

Bv9ARM.ch02.html

windows10-2004-x64

1

Bv9ARM.ch03.html

windows7-x64

1

Bv9ARM.ch03.html

windows10-2004-x64

1

Bv9ARM.ch04.html

windows7-x64

1

Bv9ARM.ch04.html

windows10-2004-x64

1

Bv9ARM.ch05.html

windows7-x64

1

Bv9ARM.ch05.html

windows10-2004-x64

1

Bv9ARM.ch06.html

windows7-x64

1

Bv9ARM.ch06.html

windows10-2004-x64

1

Bv9ARM.ch07.html

windows7-x64

1

Bv9ARM.ch07.html

windows10-2004-x64

1

Bv9ARM.ch08.html

windows7-x64

1

Bv9ARM.ch08.html

windows10-2004-x64

1

Bv9ARM.ch09.html

windows7-x64

1

Bv9ARM.ch09.html

windows10-2004-x64

1

Bv9ARM.ch10.html

windows7-x64

1

Bv9ARM.ch10.html

windows10-2004-x64

1

Bv9ARM.ch11.html

windows7-x64

1

Bv9ARM.ch11.html

windows10-2004-x64

1

Bv9ARM.ch12.html

windows7-x64

1

Bv9ARM.ch12.html

windows10-2004-x64

1

Bv9ARM.ch13.html

windows7-x64

1

Bv9ARM.ch13.html

windows10-2004-x64

1

Bv9ARM.html

windows7-x64

1

Bv9ARM.html

windows10-2004-x64

1

Bv9ARM.pdf

windows7-x64

1

Bv9ARM.pdf

windows10-2004-x64

1

Analysis

  • max time kernel
    132s
  • max time network
    198s
  • platform
    windows7_x64
  • resource
    win7-20231020-en
  • resource tags

    arch:x64arch:x86image:win7-20231020-enlocale:en-usos:windows7-x64system
  • submitted
    07-11-2023 13:43

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Bv9ARM.ch04.html

  • Size

    97KB

  • MD5

    d2d81a830e0431908473d28e68f2cf68

  • SHA1

    6c0f5d957abc3482cb60e007fae21ea6455910c8

  • SHA256

    e07fe201dfad931d17d2e18bd561e7b20e0fcad2148aaf4a16aa38368ef0a708

  • SHA512

    061fa259e47068070aae50b4fa58d9dbb7c31709e869c34bcf4a975afe335790c88d6192b9b2dfdfd82dc61f23343a647d35b0a33b304d7383693b098083a7f0

  • SSDEEP

    1536:n0ODx7m6CcP7s6eYcHJrc3heQO+W3cWmhWBIrBhR:n0y7m6CQe3Rm0Baz

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\Bv9ARM.ch04.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2772
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2772 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2840

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    0ee3f33fbc8bebbb9967413a265ca18f

    SHA1

    86f88ab776c4f8ece2fcef049793e76174fd55dd

    SHA256

    ae3e7cbf0026020b6ae85c2226b7acd6e7104753ddc803d6b8f3e4a94c833ed6

    SHA512

    9b8dd94ec393638e216193762ba9b9b334cfcf528607c68f21ec429901191c004096076bef7da6a324711cca56ec0d2f9acaeb147040387a588a603a0e2145a7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    9420e3f49beeb1034eaa552be1501fd1

    SHA1

    2ec51de783a950c128d2f9cc16ac5f69fe5386f7

    SHA256

    8ed98367cd917c901b69b2466596c6a89390ed63af0c2bb9d776ffac98072bec

    SHA512

    dc11784b721015a51b69c9f63ece374acfee740fb7dd1dcc0aa2ca2f1299c48f6a9fbbb308c6b42a409d826479908f2e764415e38158bcc27acc1eec6da9ec4a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    52e274b658b157f4fcba347758226bcf

    SHA1

    dac3a1b53b28f162f3e11abdf5cec9ac4863e3c3

    SHA256

    26cdc890cfcc95aa3996cbe8c77a918951745455aa33bebaae26c28cd01ebcd5

    SHA512

    2bdf71b2bea640eb468cfb5bfe937a95c5996a7fda08e9596c7f13c4efae7e598ae9cdb512a950afdf8bbde12f4c88db17bd64aba8c6c2125197778150a2469d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    5f4ebef754fbeb5f714f4c19ee753b7a

    SHA1

    94753b2cab27eb26b8bc0f3361436c24079af32c

    SHA256

    5eb9a025f5aaa234bb0d04d4e98041e1f040926547075e7e595cbd0e6a9d24cd

    SHA512

    4b6bd84f2a72cabe674b8b019bd10c6bcfacf7720dafce61f9e7b76a27d1c1a0d5d4a462d2995369e5b84c837f1dbb18ba2eef1fb53254cfd1bad138cac06c1b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    399c50821019cb9fb66bca5484f198af

    SHA1

    1109acd70197f546cddaae9ca7906f5ab9c448d7

    SHA256

    4179db9958d33cd6aa1cad44d12813d1be035377ba7f71ffa60a1383ed834783

    SHA512

    fa23dde7ae2a11e2970b6ef86b65f1cf0808914639607b7497b2dddbaf9ff797677a39a397cdd89db7778f31def48316c7dc766739cbd347494256ebfa20e391

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    168ed7cad78a3830a9ccfccddf3f9bd2

    SHA1

    aa0037bd9fe147604f37059dcdc60730d630205a

    SHA256

    b9d9f65513bfb5a2809e4567e46e00cfa7f7ef6e34566fe5cd248d409f6dc000

    SHA512

    b5c996e591e282df19e95b20ff77881b593f2766e04131af5388b413b99120fb666711cd9ce594dfd659172bed253523edcdd638ada3fc326f6dbc02ad03207c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b1bb235540fa12c26cbdcb90ee74f442

    SHA1

    225ef29625cc04ab18b08462131534f58bd21e02

    SHA256

    f1445bec09d4eaab16e6f805dae2eaaa67d90958e21565723b817829c9ddadbf

    SHA512

    5ff83fddb2a74d1bf61214b1cd0fddfef0cd02284697077f86609a2309276cec47e06be42abf6169b7f622d4d30c9c94543bbebeb82e570d01b3a8b9c39265cb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ef8b00e8fa1a2538411c2a17a748a332

    SHA1

    9ab903b9226bb47dfa83c106737c398263d12403

    SHA256

    be2c72f3696744ad9a11f2df7965f34f7ff03673b8a71ccb3d502b37c7625740

    SHA512

    d52781a5ab46698aa4dd6a429389c3ee0afe3ccab408160ce22c9fac46907a568d1439e9c53270234f5be19927845696c9fa70463e9d582b07fbb3417ca0e21a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    47ed6af6bd1ddd0b97d72016d7984863

    SHA1

    9680e1fef2349d754817a9ee4f860e772d19e747

    SHA256

    4f3cf45bf2a08d7a7a1087add7e982f729645c5e536636563260eb7d191ec547

    SHA512

    9c346474c51cb09a00add5159f2e270e3a442b1760c1db672afa07c17d004347a7ad0ebd1f49c93c1007cfdb49f9a6a94b56ab48ed7eeed0d8658524c72dde67

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    2432543a74aaa8ab24972b1aaf304835

    SHA1

    e0325524f7b7b8fbac47743df2bfeebe03b7e959

    SHA256

    e1ee03009f6f01a889d2d6a0dc4cf9ed2208c077f39a998d36d7ad4203d1aaef

    SHA512

    51143c409eacd753b791159fd0628f3d78dbac390467c665506080cdfdc5b7a266aa5acf27ab06c782adc3b776bc6491fcab0cee3d0abb417a14569c796609b7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a67432689bf934c97e5c692049b242e1

    SHA1

    84b9eb24c23658a464662717c10d77253cbaf304

    SHA256

    a67a4865fd797dbcfed8100015050e1719c3b9d987e9e4836008c8e605423377

    SHA512

    0ef03688b043e34912261a98c239b5a1c6cfe129bd9f3a65a0c11d277fc43b903341b7061019752dbc41a99077470dbc38678c6ab4173978f2ed5af3b828be78

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabC342.tmp
    Filesize

    61KB

    MD5

    f3441b8572aae8801c04f3060b550443

    SHA1

    4ef0a35436125d6821831ef36c28ffaf196cda15

    SHA256

    6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

    SHA512

    5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarC384.tmp
    Filesize

    163KB

    MD5

    9441737383d21192400eca82fda910ec

    SHA1

    725e0d606a4fc9ba44aa8ffde65bed15e65367e4

    SHA256

    bc3a6e84e41faeb57e7c21aa3b60c2a64777107009727c5b7c0ed8fe658909e5

    SHA512

    7608dd653a66cd364392a78d4711b48d1707768d36996e4d38871c6843b5714e1d7da4b4cc6db969e6000cfa182bcb74216ef6823d1063f036fc5c3413fb8dcf

    Download Submit