Overview

overview

4

Static

static

4

BINDInstall.exe

windows7-x64

1

BINDInstall.exe

windows10-2004-x64

1

Bv9ARM.ch01.html

windows7-x64

1

Bv9ARM.ch01.html

windows10-2004-x64

1

Bv9ARM.ch02.html

windows7-x64

1

Bv9ARM.ch02.html

windows10-2004-x64

1

Bv9ARM.ch03.html

windows7-x64

1

Bv9ARM.ch03.html

windows10-2004-x64

1

Bv9ARM.ch04.html

windows7-x64

1

Bv9ARM.ch04.html

windows10-2004-x64

1

Bv9ARM.ch05.html

windows7-x64

1

Bv9ARM.ch05.html

windows10-2004-x64

1

Bv9ARM.ch06.html

windows7-x64

1

Bv9ARM.ch06.html

windows10-2004-x64

1

Bv9ARM.ch07.html

windows7-x64

1

Bv9ARM.ch07.html

windows10-2004-x64

1

Bv9ARM.ch08.html

windows7-x64

1

Bv9ARM.ch08.html

windows10-2004-x64

1

Bv9ARM.ch09.html

windows7-x64

1

Bv9ARM.ch09.html

windows10-2004-x64

1

Bv9ARM.ch10.html

windows7-x64

1

Bv9ARM.ch10.html

windows10-2004-x64

1

Bv9ARM.html

windows7-x64

1

Bv9ARM.html

windows10-2004-x64

1

Bv9ARM.pdf

windows7-x64

1

Bv9ARM.pdf

windows10-2004-x64

1

HISTORY.vbs

windows7-x64

1

HISTORY.vbs

windows10-2004-x64

1

arpaname.exe

windows7-x64

arpaname.exe

windows10-2004-x64

1

bindevt.dll

windows7-x64

1

bindevt.dll

windows10-2004-x64

1

Analysis

  • max time kernel
    135s
  • max time network
    155s
  • platform
    windows7_x64
  • resource
    win7-20231020-en
  • resource tags

    arch:x64arch:x86image:win7-20231020-enlocale:en-usos:windows7-x64system
  • submitted
    07/11/2023, 13:45

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    Bv9ARM.ch10.html

  • Size

    7KB

  • MD5

    66ec2978e79493da30461aff57030ba6

  • SHA1

    af7520c31d40580d5a56c0c0b59cf40ba1b41f1f

  • SHA256

    c270af1bf807c5db93f6ed12181f6683fd92ce1420db95e0edf727f2ddbf176e

  • SHA512

    c53447b4be024cb9db412a318347a617de2dbd5f766f79d8b7fc8faa94b5a3ebf3527264f248652eb7273f4abe27f6a1cc0dafd9bad1236c721eb915719e80ec

  • SSDEEP

    96:ZBAvOHe5T50VV2yNaLgAAKyfdytiIxN4gYI7XJ4zJa1JUC/byKD+qmWzrzbKpmAF:ZyvOH5OyNS28tJma1tDHaHPTy0

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\Bv9ARM.ch10.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2212
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2212 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2800

Network

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          6a26df1417bfdabf8b8447b98cb896f9

          SHA1

          a5255fcec44dc1fd829eee6e4364e566ae5951e7

          SHA256

          ae26b29f16a424884b629f32d34e6469dece9e66d192d28142201c4c2ac006c9

          SHA512

          823e2a05bf7a59c01e717a0a4147f3574df00b21623e1237a708e70c16b81debbd5ffae8015f6e6f82f8e2ccd149f1d5532f5f7f1058f6e80c1e9d2c80a96a26

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          817ee52577306c9b5c8dcaef8aca895e

          SHA1

          b3259bd9cdabfd65229d3debc1d27ff794faf317

          SHA256

          8d7e0b31bb13e553d5dab1cd6f9b94c6c800fbeb1b15060aa8058ba9ba093a8a

          SHA512

          1b84fc6e6219c519917be590798c38f24ee15a33b5304c91ee8d8fd59c6c8e65322c343f287d6caf1a66e903f613724cb3d203bff11fe50bdbc210ab67a18c0e

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          57e2d8299789901f325bd38887aa7877

          SHA1

          30714a58d116dcd874424c999b9701f4df812218

          SHA256

          1691283d0ab476dbb8a04c718a98cbfda16ca475847b630a70e7b9eadde08473

          SHA512

          ec94285375524d113e9edb8798dae2c80f664bd127102dafe11625fc01871feebbecc8eff02af5649ea80409c46655251a78b58b021ee6a864a5bc8c1c622fac

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          17ca7e6d84ee23042f191ef2da632892

          SHA1

          67ae73b98bf2f6ed2587c56a5c30584fc5e5319e

          SHA256

          fe0c422a815b6a71f91d78b7199aec15a5c0219005d33e7a9b6df37dd73f1741

          SHA512

          20b46812874d37d9bbeeadbbc1fdefdf441f229930d0a06e2327af8f73a5428602d66dfd219a6a1c0af0e4a57b2422503f603494c0ace10b2cb0b16e2fe8e101

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          b9233f3dc85a225d846c73b4634acb3e

          SHA1

          e24fc534be67946bfa3465da10af04052847bcca

          SHA256

          17eec18ecf7c97a4355ccb801a154548dea4c794589e48c5048a71589cf16da8

          SHA512

          c50f63d73cec8b04cc18cc55e59a0905cb159af576bfa443544060dc817dba6446a045e0dd689f0b4c4332418829feb88a1ba37d8d259613b665bb976dc63545

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          b74f89aeb0201f5258d2f93f3f0457dd

          SHA1

          e38c3379137df7e8e5474f695faa503e382b381a

          SHA256

          89dcd726a2ab99e620bf165920b4c86c17fe8edfbef5c90e5e4b6d99f2ca6776

          SHA512

          02d5a18cf1d35ffac5e78c35f60d16cd49d56e3645216c4b3703885d06b7ce6f492fc35d2b2e61f7a659679978e599aaadcd5bb541df7fd37d936dd274da2a0c

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          7ad986e7a4fae7c341270e7a8dd815a5

          SHA1

          5c3260d3e9d9c422049f59ae240d66e62c998125

          SHA256

          13208c000f6a320e093b82252f5035eaaf1db69424b2a5a4e484e0dd6072ff32

          SHA512

          4acd0320f691aa91f5f5f614d6b9f386ebfff293390d28173d90802cdcf60752754627bc985b0b9f4da363b976fbbf06b24c979f3211c551f8458d6d1e268a2b

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          d8dfceaf3c052b96bda2b533082a3719

          SHA1

          50ad377160c53ea6a1ce927feed448a3db0e7b69

          SHA256

          5554e474f2ced0ebe5ba4400729e7e06d377676fd710bd4560a182309ca05074

          SHA512

          0850ee89a7bfe9bb5e50d611b48d6a0f2b5bce3375b0e77b894558587b98460d954ee2ae1a037a6ed1be6888b864a2e4423158f3a884132ffb4fee9d82fc1b95

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          1e6d4fa37a9dc6d99c8e93ec24bae3bd

          SHA1

          aee12bc32d03883d26ce8c5951f4bc2293164bba

          SHA256

          b8aee47642a964757a3f247c37d8e858e7ce424077c1753442075cf1da4c0f5d

          SHA512

          d7eecbcc6fb6b7b046df3fa3800abea6f2ee23e5cfe8ad48c6cebac0120f3d4dc55b1d6097b21772d85f3d58489d78162e6e89b60a76bf3ef00c51a3a4a599b3

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          3ce6b99375aefcedc4be83141ca3e3c0

          SHA1

          79ffbbaf25503a702000e9df488c85a258a12c37

          SHA256

          20726829f13f4d1099d96ee130e18b0c6d4978cd075498e82cbeff2e4b2ebffb

          SHA512

          91c769e17b6c7861489c0c489d3f56b95333933c3d2850064dc291b902c3a227a8578ace8e390b666887cf7834720cd346f625141d3e74c6e386a9079534d083

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          72400be75e0e02bd8ec23a76e6a95c69

          SHA1

          93f25a607e1c891dd6f0acfa7f2cae0ea74260e8

          SHA256

          ecb633a6b64f91d896fbd855247eaae5e16ecc3aa12c453624c9d546405f5780

          SHA512

          9063828d90dc5a0c5bcab2bb53e0dd54cae924f59495c2193a8ee9f3a290f9e239dc505d6f86bbdf89a5fba080efff8da02f1f71f1696cfa3b67b64a63458583

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          dbd16d8919bdff28218146f6629a0062

          SHA1

          2ffb26b7ffe3c6018a779e3ce5516c0aba5ef14b

          SHA256

          1d10906cf61c3503139be0cfe9a50bddf31db4a33fd976676ad5bf1e64b6ec15

          SHA512

          ca95fc1239feb92882ba65c8b4abd21999d6d9c54c9de95bfa523d381763865ece80e4759134233bc965d636c28f586966ad00c5ae730eb5b8c5d8b686dedb9c

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          a1f9d663d46b20e201e1eca22ee76715

          SHA1

          5059c93c8409e3d623ddecedeafcde0892b1cf2a

          SHA256

          93191a3808bdf02ccc51a1f52c2e6e3034c7009a0ac36485992ae5c7a8770324

          SHA512

          9d3bb28903101e623dde9e56378fac0f82c9b16e6f7c8bac43d8d9f7c7d165c5f7f2c932717e1834388307b5d39814e9a912c57d7c627bbe4ea6e4c9b53d70e5

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          9130b24782b77b4cdf80ee51bbe519b1

          SHA1

          0b5a4dcbc8f1e6d2d5d7593d110e91a1663e4350

          SHA256

          509f3765ba37ae1d7b0a73d30b9a5c755c1f5172e3ead7372d35469ac3d1896e

          SHA512

          b6cf8a4cb4fecbe57890fdc597f0c2a8660a50108f4cc751017f0b7d9ec06007796a1368f4fc2a5e68c8303c325ed53b72da26ce85daefe76b688b14f6463541

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\CabC5F0.tmp
          Filesize

          61KB

          MD5

          f3441b8572aae8801c04f3060b550443

          SHA1

          4ef0a35436125d6821831ef36c28ffaf196cda15

          SHA256

          6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

          SHA512

          5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\TarC661.tmp
          Filesize

          163KB

          MD5

          9441737383d21192400eca82fda910ec

          SHA1

          725e0d606a4fc9ba44aa8ffde65bed15e65367e4

          SHA256

          bc3a6e84e41faeb57e7c21aa3b60c2a64777107009727c5b7c0ed8fe658909e5

          SHA512

          7608dd653a66cd364392a78d4711b48d1707768d36996e4d38871c6843b5714e1d7da4b4cc6db969e6000cfa182bcb74216ef6823d1063f036fc5c3413fb8dcf

          Download Submit