Overview

overview

4

Static

static

4

BINDInstall.exe

windows7-x64

1

BINDInstall.exe

windows10-2004-x64

1

Bv9ARM.ch01.html

windows7-x64

1

Bv9ARM.ch01.html

windows10-2004-x64

1

Bv9ARM.ch02.html

windows7-x64

1

Bv9ARM.ch02.html

windows10-2004-x64

1

Bv9ARM.ch03.html

windows7-x64

1

Bv9ARM.ch03.html

windows10-2004-x64

1

Bv9ARM.ch04.html

windows7-x64

1

Bv9ARM.ch04.html

windows10-2004-x64

1

Bv9ARM.ch05.html

windows7-x64

1

Bv9ARM.ch05.html

windows10-2004-x64

1

Bv9ARM.ch06.html

windows7-x64

1

Bv9ARM.ch06.html

windows10-2004-x64

1

Bv9ARM.ch07.html

windows7-x64

1

Bv9ARM.ch07.html

windows10-2004-x64

1

Bv9ARM.ch08.html

windows7-x64

1

Bv9ARM.ch08.html

windows10-2004-x64

1

Bv9ARM.ch09.html

windows7-x64

1

Bv9ARM.ch09.html

windows10-2004-x64

1

Bv9ARM.ch10.html

windows7-x64

1

Bv9ARM.ch10.html

windows10-2004-x64

1

Bv9ARM.html

windows7-x64

1

Bv9ARM.html

windows10-2004-x64

1

Bv9ARM.pdf

windows7-x64

1

Bv9ARM.pdf

windows10-2004-x64

1

HISTORY.vbs

windows7-x64

1

HISTORY.vbs

windows10-2004-x64

1

arpaname.exe

windows7-x64

arpaname.exe

windows10-2004-x64

1

bindevt.dll

windows7-x64

1

bindevt.dll

windows10-2004-x64

1

Analysis

  • max time kernel
    135s
  • max time network
    133s
  • platform
    windows7_x64
  • resource
    win7-20231023-en
  • resource tags

    arch:x64arch:x86image:win7-20231023-enlocale:en-usos:windows7-x64system
  • submitted
    07/11/2023, 13:45

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Bv9ARM.ch05.html

  • Size

    6KB

  • MD5

    b9e052e266d8df39f0779309b61bf6b9

  • SHA1

    fc9102b1cefd8523ce8bea62816be1a1a2e6f016

  • SHA256

    8980eacba1059a74219f03e1ca9ed1ef8f7ee9f12d01205c16a49598ef5b174a

  • SHA512

    d4ec404184647ca28c520189a198f7d395ce524eb50e4ea9c3c5c38b473a6b95793b6775808c6ac9252a98c8128828f75b4ea05b23a3dfcdadd266d6cd8b0086

  • SSDEEP

    192:ZyvOHU4cNSpnfiAXSkKZHlyK6Qar08+jg4gY0:ZyvO0vYkk4H8Qi4C

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\Bv9ARM.ch05.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2256
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2256 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2324

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    7f18dc1dbc3ce443b7f0e738fb296690

    SHA1

    28663d3b69dbe94351582d37d393657a31dc7801

    SHA256

    5c0bdea4d41f4b3e44d198db04df1720f89a9acd002e6a138afc5839993b7855

    SHA512

    9c9073a78074524b0c88c56789e845010b6349b32bd3570f801be6f33d04b61f2250a8835bfd82efbb3e0d20bda304cb7b7f93ee31ebba1fd184129b461ac35d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    092e7a15f167fe5103d653aa715dbb63

    SHA1

    259b567e13eb00bc9e2a487216c154288002b1a7

    SHA256

    d8be2ccdf7c2d5479c8d4faca0e991620ede44d756b89e645aecff30ddd99d24

    SHA512

    6a53d7e26b885f8c845291c9e782ce8829c081fa4fd176a78b4c81bfa6b7bf00d4bcc09e2e581ca0ca84b11e3bf4a17f9d0d275cd2f4f7082515d0825acc3135

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    3caa4a068baf916b31dadfbd3ff2dccf

    SHA1

    44f819307c7dd419e7248a5980b8c9b265a044de

    SHA256

    ce7f36d70b8877f1990fbad1ba5f2bd32c95f607688a6719caa4983368729b93

    SHA512

    9cd1e30b1e6233d7bbeb9495012e2213b92d949807b58cb58f2075e671f12b1c23a464c5dfe8a593b9461f4414ae7fed97c7b111cd28dae56d6e76da3ad4e4f7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    14191a02359348962932fb99fa4b9640

    SHA1

    331af090cf669aa06d041de38c57298881892711

    SHA256

    9b3ce72b8b84d179982d46c30921d8381c30f39cf36240e5b2c0d2f9aa3f8921

    SHA512

    80f03e3672f2139342bf8c420ecab647c38e696dfb9393cef4f2159a8a8c2e82d758c1747c2ec107b06cbb97ad1279b9608f13f066d8d0a9feea5eaa5078315d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c0802d9c8649a74b3cb062b6e3b6e659

    SHA1

    c3f16732383fa641411ebdb57318f94aee58114b

    SHA256

    dea493865e2a2dfc7e4c2f0a479cf0bae7a2fac0df68c1ad96f0f0b25ac2de43

    SHA512

    fe462ec5cb1e104c8c562a98f5b77891ac296d76ab7d2119f0689f334ff8c53957c77cb40eca7fe0c187017b77fa030e5c0a315b139d0ad7c8f1ed18160b4aca

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c410e838165e6c6ba2b7fe9b499aeb6d

    SHA1

    a42b2c233028518d691d275386f96d6571b57397

    SHA256

    807d1964906c985d3c011344a6b74a4edbb62bc8f1bd77e939ad4a9934c8a41b

    SHA512

    9c7dd4e2efebb0db22cb74ce27c102388074115fc125bf1d35861880c587ffcd7fb1924957c29a78ebe69f2bf6481d9531b23b79decc625de6750e662f970ff9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    63482f153e889b5f30389cf00c8291fa

    SHA1

    bc28b8e8efc505e0803094382e08204c67067014

    SHA256

    de60c493e840f7217c68f5f39c5dddc00a69b03448256d3ac513ce9048367ddd

    SHA512

    d3a2e0645199c10e4c3d452fd1735f0d1cecd06994275febeaacf0e7d97f934d4c626644e231307cc690c7ab182723c588484f2c2a28394ba3d273a93be20062

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    de41801fd94deb0540dd0ec1e3458f85

    SHA1

    bccab4e3406a5acacf6e4e85fee3324b3e290dc3

    SHA256

    0906c4f151af78f276bdf642272d639fa2dcd0aa5b56098700218265a361965f

    SHA512

    737aeaeb3595c8bce6b72ca4c66494f1e1a6f269aeb1b2bea5b681e819d9acdca64f8a4f2fdc9d09d83bf35ecf0cb18b111a6575132f7adeb38118ac1ee149ff

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    684f27e9cf77a0eb658162066a4dbedf

    SHA1

    4df17b5d17205efd2151ff0c738b0a3387822c21

    SHA256

    a092e30b7043dfc62ef0d928444eca3a3f01f4013eaea4af72e5df6136a777a3

    SHA512

    058daee1819215046c4f7794ac84ab2e1f762775c353c2bc0e4085b6b838a1d1a1f4ce8e5029eadbf659bcb1e73bc38da9bf67d2c0b90e79bd35061ef2c4ca56

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    65adf271afcfc18bdb5a3efc84ec4302

    SHA1

    35537a685b53f9c918f93e6cc38176d33ed7436f

    SHA256

    713e9357d7b831b200f831edafe07380e679b94db9f24651311afa589e21832b

    SHA512

    42c8d17155d800c0d49962b1a074b75367ccd566e851a744d3de05c7564c2f0b6c84b54b419448de30e805878a86287e60022063e5567e30664303bd027c59da

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    7df0642ccc9a2e998ec21967f2d5e1b4

    SHA1

    631f4602361cd367331c98c26ac148a973edd139

    SHA256

    02f8ab4678b60e5c0b0a2516b1aafe77b309199b8722643ff688153804515c25

    SHA512

    bf6ae35874d350c6e93d4d7b9efbe4651b5aba9597d0e355c5a0cde57452fa14c63489df5bb5cfe0d5e80c74159eeaeace3e24b9793eb038f6ac2e5811089573

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e5876f1965d8f505ac162bf31c333427

    SHA1

    4830c2a1db83a33bbd37845531cb5b28cefdf834

    SHA256

    c9a42ad2da995a825d870b5d06482d85fc185c9559895e5a80af7f15d45f5ec2

    SHA512

    5969339629df034001d9fcec91f607faac52a723b736e4a3b584a866a7d9f378e5c17fdf47e9331e1d98d8886de7d968a135b1e914bec7eea2cb9310d021ecf7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    3994da7765f08a324dc58db8a2a9e14d

    SHA1

    f17d35575f361f22daddaf485abedbb1620b4d14

    SHA256

    d1712a01abf71c8c9bdd8394caf7c48143feb48b10d089f679350e1f69f1df72

    SHA512

    8154052da2815f0eddd0a7ed1e662cd0f5818b786527e9410827b5734ab3429c309aa92387b93d90d41e92c92bcd613d0d12fde16a4465e6e4a7d51077438cb8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    30b6a1e2dacba086a8212bb4ade547c7

    SHA1

    854415abacdeab6129d706649d1ef1658bb29951

    SHA256

    e6ff0dbbc860eb970b86eaea3fc702908782316bcaefa9e32e285c515164cf8e

    SHA512

    82d458c14190bda3e3971296f0539d63cb868bdf1123042737c5c20a066361952349d52f76d5076c8068275432d904c8e0a1e8945e765d132ff893eceac15218

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    4038daca754955b97ff2fa319a717c3d

    SHA1

    d65d3453c4b688b2597a9ee0f6ccfe685d4c5ebc

    SHA256

    b145b0c2617cf59aa396836ba4d18e9f9e18e1f02db3f38e97402c5aa367f74f

    SHA512

    2bcef7d9a9fa389c584c6b73c11201603d24059a3543076d9e41fe36de9aea62e4643b9970110e4c3260c6c8bab8bbcbf247526af39e8f19e6d8a02a75131101

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    5e3b2e98aaa67900657c50b0381800fa

    SHA1

    f193df3e796daa9a8814c9da707b2fad34be321d

    SHA256

    0f2f15c3bdd243af0537989e76d98ae69438030fd274f87cc747da399977b4a1

    SHA512

    f350e541a2459887266e8b8f1029ba569a99ac0413c7ecac858adb716b365851bbf66ae960a9a7e45559203bb7f9204e0c6bca87d249aa50604d529a20a5057d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    41dc5a0b5d1781a53ab3ee20e4ecb92d

    SHA1

    861ad46bdb14cc55d28a62f436d6a7a9bcc76ca7

    SHA256

    708d29aee32d27dea7ecf6da45a826d45a35668eab03d6b6353be1af6c3421f8

    SHA512

    1c505686629b5de21d9c59a19c22365e6268f7d16884d219b033980034093fcaf8fa002aa127f1f953d12ae1c792083f2ea36b760f95b84d89a3c27a32f87bcd

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    4ec8337772554b249e73d3b64a6c06ea

    SHA1

    3fa5ba8f7241ae35d0e06a468d2127d96145da5b

    SHA256

    febc2c2c535bb766a46e5cb7e7587f6441e83518c30beb93e2a6d889cf63e471

    SHA512

    5e86049d647b0e00faf10d6a23d2e6cf4c25da5b13fbc4226a806874320667da9fe5d0a464dde9418222e226c626d48b02bd8576417e5edd25b697101d94f317

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    45ca3ed25e0c4716dad11fc9626a25df

    SHA1

    58bf6fe8a5f1bbb030bcb8223305b30e298e9ed0

    SHA256

    b9fd63c3287c63959eee520e53ac9bba405b4728585d859e416b79e9e46752ce

    SHA512

    214af7e5ec81fe17ff4b4604cc902dda522203e5b77bcb5f39769e96750a7f5425a027f9b8f095fe47d421f478029c149b010244bfba4061ec84de8f679dfea2

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabAE3A.tmp
    Filesize

    61KB

    MD5

    f3441b8572aae8801c04f3060b550443

    SHA1

    4ef0a35436125d6821831ef36c28ffaf196cda15

    SHA256

    6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

    SHA512

    5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarAEAD.tmp
    Filesize

    163KB

    MD5

    9441737383d21192400eca82fda910ec

    SHA1

    725e0d606a4fc9ba44aa8ffde65bed15e65367e4

    SHA256

    bc3a6e84e41faeb57e7c21aa3b60c2a64777107009727c5b7c0ed8fe658909e5

    SHA512

    7608dd653a66cd364392a78d4711b48d1707768d36996e4d38871c6843b5714e1d7da4b4cc6db969e6000cfa182bcb74216ef6823d1063f036fc5c3413fb8dcf

    Download Submit