Overview

overview

4

Static

static

4

BINDInstall.exe

windows7-x64

1

BINDInstall.exe

windows10-2004-x64

1

Bv9ARM.ch01.html

windows7-x64

1

Bv9ARM.ch01.html

windows10-2004-x64

1

Bv9ARM.ch02.html

windows7-x64

1

Bv9ARM.ch02.html

windows10-2004-x64

1

Bv9ARM.ch03.html

windows7-x64

1

Bv9ARM.ch03.html

windows10-2004-x64

1

Bv9ARM.ch04.html

windows7-x64

1

Bv9ARM.ch04.html

windows10-2004-x64

1

Bv9ARM.ch05.html

windows7-x64

1

Bv9ARM.ch05.html

windows10-2004-x64

1

Bv9ARM.ch06.html

windows7-x64

1

Bv9ARM.ch06.html

windows10-2004-x64

1

Bv9ARM.ch07.html

windows7-x64

1

Bv9ARM.ch07.html

windows10-2004-x64

1

Bv9ARM.ch08.html

windows7-x64

1

Bv9ARM.ch08.html

windows10-2004-x64

1

Bv9ARM.ch09.html

windows7-x64

1

Bv9ARM.ch09.html

windows10-2004-x64

1

Bv9ARM.ch10.html

windows7-x64

1

Bv9ARM.ch10.html

windows10-2004-x64

1

Bv9ARM.html

windows7-x64

1

Bv9ARM.html

windows10-2004-x64

1

Bv9ARM.pdf

windows7-x64

1

Bv9ARM.pdf

windows10-2004-x64

1

HISTORY.vbs

windows7-x64

1

HISTORY.vbs

windows10-2004-x64

1

arpaname.exe

windows7-x64

arpaname.exe

windows10-2004-x64

1

bindevt.dll

windows7-x64

1

bindevt.dll

windows10-2004-x64

1

Analysis

  • max time kernel
    79s
  • max time network
    176s
  • platform
    windows7_x64
  • resource
    win7-20231023-en
  • resource tags

    arch:x64arch:x86image:win7-20231023-enlocale:en-usos:windows7-x64system
  • submitted
    07/11/2023, 13:45

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    Bv9ARM.html

  • Size

    24KB

  • MD5

    092838df80020bcda038eef223ad9185

  • SHA1

    857cb7fa3c5bb7888a3eaf50ce4fc931803b45c7

  • SHA256

    710b91bea8c281b8d824d29265af3a77a042cf873594dd12d1c657b2e559041b

  • SHA512

    50fe74dbd94a9d88889e1f166efd21559ab70e88c2532a20476c8a535e610fa8f48891f397fc652339e4a63c8387d94ff5dce4759888a91c8eca5d295c91a7fb

  • SSDEEP

    192:ZyvOHNepNSpKeT4Ip3hkjUBrAoNLc9hMZkeArnb3dM/MSBZdv6Jma1tDHaHzz0:ZyvOt0Yw24IRhwoNk1eQsKDHa0

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\Bv9ARM.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2364
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2364 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1528

Network

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          3a094dd75bf9edd806e24aee1021bf20

          SHA1

          44a7bc7aa05d587dd05827660c59937ff444f22b

          SHA256

          267c7c007843549a412140babc524222fb16828d34e9eab8c9867b11179d32e8

          SHA512

          aad891b1eb42e591d12ce311db8580500b5fd6ac0130a1a8ae37646f20ed6a239125a77aff244ab6a27ebf4205014dc33ea9ec3d723d1a69e21e78ec8aedbc6d

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          a39a7499f54fec21e73a79c675183d9b

          SHA1

          645511093da3e726f89d569bff7688923b7979f6

          SHA256

          9d74b7d3240df8f6b465ec6cf9e9d2296063982df8373df27c8f4257f7ef45f9

          SHA512

          109dae19e7466e4ce7262404fbccb36d110daa0c928ebc7b8a9c3ffb1f0eced1d7a04b21bc14cf90aae4465851debafe02d624ea2535c1e881bc376c35e7a89d

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          1e82384c557c3a4f7b716b369997e2e6

          SHA1

          57276b02cf06a2ee03e3e775373f88e1eb9a984d

          SHA256

          ca1be7dd34b57c4e96c28ed8f55b6d1787ef5fba56069c63beef8de947cbc221

          SHA512

          06ee1600d64dc8f38990eecffb3f2f4a05d9a729667ebcc9e0c40a2966a755e5bc310520476a6fbe5f26cb37e29cac26cc71f683fc10faea745aa91c4d64b779

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          3f581fd52556293752e1ade0ebba0f9f

          SHA1

          6eafe441a3b8f9d7770e6e1abc6647e268a2406f

          SHA256

          6a48abfbd6779e801677690a83bcd8ee8e095afcd18a1b07d57e21700fc61ded

          SHA512

          e3be298d5cd04b026d644b8a80b3d9d87ad4d60ea15b16ba8e588fd16a8151fb3c8cff902b8bc115ae72ac8767d07e2770483d835cb29a4441b4510bf44c8ca0

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          151c19dcd4194c0ddd776264ed858133

          SHA1

          af905d6ebbdfc295fb0ff1df768a296e8201e090

          SHA256

          ad9b02fdeaded71fe600a0c60d9266b92bd0fb38c20245e8bad65b519bd1e2f6

          SHA512

          a3ec8445648c761f58a44738c20bc79311558d4ee3fd3091f1de3721f2cfcd021286e410e37aadb0954817875d0371d0972bf9b73df287f7722eb5ab0bda7acd

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          853e03d4257460bb6c51bad223bf3c5c

          SHA1

          2bc89541f677706794d01eda68b8e90a913f0e46

          SHA256

          7e79f7c743ec7cec07ba5cfb824ccc25d13d4c2cfa5b7bdc6c46cc2503fd9e33

          SHA512

          2f5fcf44635876bd56fc4dfad4c76f9bddd278cc25031d400730744b1868bd1d5805b5a3360f1836760d994a6ac86ffcbef32ea20b5670ca4e465bec9f892a9d

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          c4a1adf4719f6a1b06c0e4ff83880d67

          SHA1

          bf8a30cc9d0398d51af07a8cc6f80120130fbaa4

          SHA256

          873f0121d7bbdb08b23ed90d228dac98840d50b1073117a790b68e87681ac4df

          SHA512

          edfe1e8e29cdbc4bd91795b34d6035e3a9bb6c4a5493f2d21c5bb641211f16df682ae15b3e33b2af52cc53d2c0ed994142504555188d04359ee3c6a5d9c1739b

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          3a0d3569bf84e1e74f7638926c9aecea

          SHA1

          ac16aeebff8a39768e8af86fc99e0244709aa754

          SHA256

          2405199226e43215807d30cfa2c33abd6e7971f2951b7d21a872128b81de48fa

          SHA512

          c85bfa8e9cb5020c51b02b38178606da7ffb57657c99018f9234f242f2a0f8f860e9f6b9536e507b7b36a4e1609a54302f097b5027e895ebfa3f0fd37da84ab9

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          f269965eae3d700476e383d9d4b555d3

          SHA1

          6fea3f26081dfa38a0b2c66075748e7e758c0096

          SHA256

          2ba4eed83fd43270d1a543e9acbf7b92a0163d8002a395ffcb1c8056c5ed0470

          SHA512

          b405e615934598b20d142e243f5a11c4d409187d6431bfaca3f53df92c1e04b9fa76adbc12b4aec3c668572d7038b89c71ae3efe631b3d2065ffcbb487d6a46e

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          9abbc356672bdacabeebe5a36f4a6191

          SHA1

          d4b1d0907fd574f5ec5c8f1fd99bd47edeadd201

          SHA256

          00a0b6daf59ed2f220d91ddd14a056f1e2d9bcec1f70b18b3f0b668886898e84

          SHA512

          669a3a29d628989c7c40c33842a61884174e7e8a3b78ac71b667096ba3c4f213feb53ed053e17456d2bfaf13baa47c4a05368fa75748697bac17bd009d20b516

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          6aef4578f016607117c27a1783a6ad5c

          SHA1

          b2014a1d672fe1b9313ab3e116ade0116365b5db

          SHA256

          b9777269542c3d63e2183ad4d795b83420d874dd50e43a998231bed74851c387

          SHA512

          1a51e9d48300ad0af950d3131ca5defa5df346cee3497fb39bee704846257b5cfb40afabe175f2b825b2abf6617c296dfe1e1d9ed70c588d799521c6f7e74ffd

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          09ee67a206ca90553f9d93fc974a79ad

          SHA1

          544aad60de02a4d39f609441876e8f2fa94a5063

          SHA256

          a6c73a0c505956d090e06d4a85c4741852875ed8d9fdf2d920b9ed6c6f357728

          SHA512

          a912df532f87a389371fd6e1de449ef60ce205d313798525b9bf41a54364d2b806429f7b3a6686795e4f0c7a04e10db3832ca95a2ed73677715588cf2906dadb

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          fc5598beb76c9f57de3308cd8bd04655

          SHA1

          1fc8992788b64dccca997840a84d1900bb797f08

          SHA256

          d30b43a81adca307a4ad633b865efeb1180c1d9c5c36c80cc2351fac824eca57

          SHA512

          16c71b552968efbf63a9664e6c63da298a81e7282ae1737625cae2fb7dfcf7934841c8cd65b6f62f192bfac70dfdb4164eab73862a94633da8e2b3867f723bd7

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          6b17855ff8d990e611c9499822af3618

          SHA1

          f7fdc6f0d93101376779f41c3bd9ba5e51b949ae

          SHA256

          3eb01b25eb1a322df38f0dbd5483413cd8c36201259f0d8a4d823daf3c3bd77f

          SHA512

          5ee65c52d6872e991aabead47bf353245784df9458dd2d4dbd5ec6f3a42203ca024b487c307c574593aa83b06832d86cf06440a8a9ebc5acc19c4607aee1a2e7

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          e044d7fd5d3ec284d128219ad5fbc208

          SHA1

          c2f263ccffba37f1bbfec496cb52b54bba2c75dc

          SHA256

          816ccb52d7acbb0052b40465d615f085e9ebd89689b5d1e267b651b1fe883fb1

          SHA512

          bf696b6cf12bc4b714f9c28560e36afa3ff7ab72b72bb508f682c55bdccaebfe27128db21266bf05d083f4ec0ff357390ef4a459c2a7019a5751a26d73f2764d

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          bd4e30ad6dfc259aa71669b19fc4fcdc

          SHA1

          8647c973e0ef2e41afcddc7dab501bc884deb4b0

          SHA256

          b951bc1dc2735a3b2424abcfa83a0196340664d72d0ed89ceddfc0a400c48985

          SHA512

          2e688193180d8dba4bad6d4cb1db4a81b5c8877f65069c8496ffb2fd753875d479682cc581613b70c12ebc8a7ba63e2e8df3733fcfab9c736c7a24a192801264

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          e6582cd40e9b94f494caab9d94f385d7

          SHA1

          8a5b2a6c33b9ffe1d76f91f868fa3bc17e1f909d

          SHA256

          8968fef53acee1a3574f3ec2dc571b3d1eb81c21f56a06ed89c2b81f53d944eb

          SHA512

          55baefb7bbdefffeff9943c95968d91684b57ad3b8690b6adb632050193603ccb56ab7d635793ef69d0b2267fada3a836c2b0745c9de691477922a4fb7fe1e5b

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\Cab283A.tmp
          Filesize

          61KB

          MD5

          f3441b8572aae8801c04f3060b550443

          SHA1

          4ef0a35436125d6821831ef36c28ffaf196cda15

          SHA256

          6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

          SHA512

          5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\Tar5C88.tmp
          Filesize

          163KB

          MD5

          9441737383d21192400eca82fda910ec

          SHA1

          725e0d606a4fc9ba44aa8ffde65bed15e65367e4

          SHA256

          bc3a6e84e41faeb57e7c21aa3b60c2a64777107009727c5b7c0ed8fe658909e5

          SHA512

          7608dd653a66cd364392a78d4711b48d1707768d36996e4d38871c6843b5714e1d7da4b4cc6db969e6000cfa182bcb74216ef6823d1063f036fc5c3413fb8dcf

          Download Submit