Overview

overview

4

Static

static

4

BINDInstall.exe

windows7-x64

1

BINDInstall.exe

windows10-2004-x64

1

Bv9ARM.ch01.html

windows7-x64

1

Bv9ARM.ch01.html

windows10-2004-x64

1

Bv9ARM.ch02.html

windows7-x64

1

Bv9ARM.ch02.html

windows10-2004-x64

1

Bv9ARM.ch03.html

windows7-x64

1

Bv9ARM.ch03.html

windows10-2004-x64

1

Bv9ARM.ch04.html

windows7-x64

1

Bv9ARM.ch04.html

windows10-2004-x64

1

Bv9ARM.ch05.html

windows7-x64

1

Bv9ARM.ch05.html

windows10-2004-x64

1

Bv9ARM.ch06.html

windows7-x64

1

Bv9ARM.ch06.html

windows10-2004-x64

1

Bv9ARM.ch07.html

windows7-x64

1

Bv9ARM.ch07.html

windows10-2004-x64

1

Bv9ARM.ch08.html

windows7-x64

1

Bv9ARM.ch08.html

windows10-2004-x64

1

Bv9ARM.ch09.html

windows7-x64

1

Bv9ARM.ch09.html

windows10-2004-x64

1

Bv9ARM.ch10.html

windows7-x64

1

Bv9ARM.ch10.html

windows10-2004-x64

1

Bv9ARM.html

windows7-x64

1

Bv9ARM.html

windows10-2004-x64

1

Bv9ARM.pdf

windows7-x64

1

Bv9ARM.pdf

windows10-2004-x64

1

HISTORY.vbs

windows7-x64

1

HISTORY.vbs

windows10-2004-x64

1

arpaname.exe

windows7-x64

arpaname.exe

windows10-2004-x64

1

bindevt.dll

windows7-x64

1

bindevt.dll

windows10-2004-x64

1

Analysis

  • max time kernel
    165s
  • max time network
    174s
  • platform
    windows7_x64
  • resource
    win7-20231020-en
  • resource tags

    arch:x64arch:x86image:win7-20231020-enlocale:en-usos:windows7-x64system
  • submitted
    07/11/2023, 13:45

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Bv9ARM.ch02.html

  • Size

    7KB

  • MD5

    3a9cb96f44a0b56377ada7f9e5e0b1db

  • SHA1

    70be6139b05347df6512fb0f531b62dccb3bd5c2

  • SHA256

    f88e732730e32af83f96ea16639b2c02a782c65c49caee6cab99b3da5fdfe4f8

  • SHA512

    08df5e4db743a01a6162608cc149d62444404786f91add0be4f3e63a67a4a4675defc891493e00f20b7d9b933cfdb07a8402de9a02f4ae525f6126c4e52421e7

  • SSDEEP

    192:ZyvOHJQlNSgqkDqjaBKmmGDdrvvI16lU2Url/EBzTRcnV3IuFm0:ZyvOpAYjALj+Wy5J

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\Bv9ARM.ch02.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2680
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2680 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2812

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    78eeb08b2539849f562338948a48dfd1

    SHA1

    77484438180ab962c77b1d27d3b4a2cec86c8a19

    SHA256

    b746d429c7fb431b2b64f4cca10e799f7ff529d07559d830836c91198a819700

    SHA512

    c3c72b702560b88ce37b385eaa8a652df7fd51ff17d5a2eec41a289ee949d9d274a81b53c6d51d3bea540aaada46420ff8c491d18ba09637651a04eddc8ef155

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d01e5aa56389b9405877a448bf7a6862

    SHA1

    ec286d915db82ec70e2b48f9ef9c6281e44fe590

    SHA256

    666a0a64091b045bf353c896df1a9796187625ec888131a8d6cd9e06badb4dcf

    SHA512

    3ffc915899862f1242f76d35db6e308113c6716e5cda7bad0099ffdb8a4eb2eb87e56c50af4d720178c545dae2a0bd875ee2efd8d36810dab39af16329b83b76

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    498a83edd6df647254ae6a4a02936081

    SHA1

    dc747bbf4286c40d98ba65931678ea99dc8b2880

    SHA256

    33ad8669a7bbd7c343441371dd97c996d3780ed71aec298921749eefbf3db643

    SHA512

    9ad57d1155d2f73bb8d1c0c70be9d990f897f99297b10e61cdbcd2242c0bc200182972bfba838d834e9eb7211aec3b63cfe0d1bc7cfb4208b16f5d74794e48e9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    bf1ec4d0b1e8eda3b8527d4f97152062

    SHA1

    bb002bf09f7cb42e189241d937576acbdbf9e990

    SHA256

    6199fda190ff0357bb0bdab5767c2aa140f66a66418e2729fefb48468908dedf

    SHA512

    4a93f03ab68d90d41485612fa692459efddda147d5f79e2db903743784b40cea6a0dd1f921ae2f39862ed18b1ddeabe5522a11ffbb20ad115a66901438e2923b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    20bc01b0999a72d2f965c10f6eb4bda1

    SHA1

    ab88b1d06e48dcc99c40e519e01e0321841a5151

    SHA256

    669c7111d95759e9a54830f8d6d023c502de5b3b8fed064b4d16ea259f5d5f4f

    SHA512

    3b94182bc484c7aa4afe790c379fff26d9416c7eca9b26ab0666aab2ee537bd6f01d618370491020b67ec63345f49b79bfe7b44469b4db7dd68b12c22a804d6d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    fad74ec41a8fc439d213cbe398f9fe52

    SHA1

    1419a64218c7aabe4ffc326917a8fee3a6df514a

    SHA256

    16cf094c1c520798cf12933167b863121db3f0f0ddaaaffc6d3228da15af496c

    SHA512

    ff6dda8d42c94bc93efb3b665f74465869d2ffcd977aa57f788c342b4be13ba574d99b806c71317d2b81bc9e1058f295dfa8ddcebaa86b19306bda4fe54e996f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d15a4d1ae0bd78c1c9e665136af1507e

    SHA1

    026f476c86b8a38421cd3da205f53a32adcaa61f

    SHA256

    8a3d3c5106b3d3a69f13be8520a510c9bd0c84840d51ea60651e64ff1d73278e

    SHA512

    151bd4385b05545c0e9d74248427dc423605792d99398e4e1d56bb634dd6129824da10543ad768961766c1568e1f4b9edb36b408ecd6c8e8074256556cae25c1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    7618b29d79d9756c25679b2275ed5e19

    SHA1

    b5a6c5eebd42dbc015880a69028d81acc49d4eef

    SHA256

    8b4e821c6f1193616e859a4e8a88cc1d77f90d21cc66492d42adc7d28ccda2e7

    SHA512

    9b76f2865f05db73fe31f5ede01b808ebb2d29619a43190829809e7716915afd8654a8993801fba5c798c3959b8daab38af433f91429d2cd76d53605f70ca94a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    6af1dd802b74d8ca292d01cd6ccf108a

    SHA1

    7ebbff1027741c5c3884aa9c84352b39cbd4a817

    SHA256

    e1c1d43c11f35d122c93b82e657c1f30e80ecc5337d5001b407b666a2f579ccd

    SHA512

    821787665bcab6504fbc78058d3c815075bc65416ed0325f8a859127442cc2f7123377d878fbf947f18dac6694220f24bc638c214c46c48dde7741a5993b394e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    5da1f7fb4838593eaf95a891f1324f2e

    SHA1

    b86965b4930428987d1c46140a66d4db3e2b71e9

    SHA256

    9ad719ebc357fc15ade119b6c815a4287e88c68c20cb0f0de9911ddfefc8ede4

    SHA512

    b2e559b00a60f53e5b08622c04785e0b13e2f70b0196aa4c081126f8a998c3412e444e1c718c15ccbad61296c8e98cde77324295184631f80c519833e858121b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a5d2e1904fea0c8c630050ebb5909577

    SHA1

    48d07ba29b16b7252a94085d92f661aabe3c6df3

    SHA256

    469859c82ef982d21049f49c784f049c04d59962ba22921450ff64cb829191dc

    SHA512

    35c9de9b3cf85741aa5d7a3545be04b251f955215414062ddc8398b2cf6c666a254b4bf1e3c748d5a2f4f822fd4704e0008ae4557b6a33e93e61caddba354ea0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c200a51fa37978ea908b0a6bf069d625

    SHA1

    51c52cd20967b7c8cd816f3bcd5a8fe48bf27d35

    SHA256

    a658137dcb21d0447fd406b6d0326ef7f185b5e548924024f451dac9b2e07173

    SHA512

    6cbd2a8bb8f2f4a011d0cf3715e6a2c652f1629c965893f12f9a3449a664014fab4118735ec727288c813d7fff3b941e48a9e1c8f69b0add2604d53679775b85

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    336d777c5e70187988a108f0ea1116d6

    SHA1

    bd759da9b1be633716346978d05ca50036c77f75

    SHA256

    dccf3fd5f6e1e328788da333f2442f3bfc48bf1a0d8d35bfbf9488a0dc6de11c

    SHA512

    af8abc0da855e56a660247a8a658d454c8a63478e7fc6d52de8b130d7e20954f024a2e06615e11a7b352f260246e8f187591bb07f3758120c7b26af83f58f67f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1c3420beca3ffc52e3b06d2e71fbefae

    SHA1

    1260d15fd5023d4e1faabe729f278faae20caeae

    SHA256

    50508a75f460801859afc60c4e88b5da1a67bc7094fdcb054fb44fecdaef8710

    SHA512

    15c6c313e641d4856a1ee9f161b265fd276fa2ba6918667f5ffab3cd99851e55e4ab26777865322ffb3e951221a208e85fcccdb65916d84a6bac0ac763d10a80

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    2bd70a3064dccc18f9136f8a5020126e

    SHA1

    0e2493aa3692299d03f704c70c401e9fb42931f5

    SHA256

    938bf713d44de2c605b02e907228ff2be7c9ac784b08723a14c94a568d932cbc

    SHA512

    6564a90f07ae744d86ec5f3edf4eed8b2394790f3cc81a6cffd14506e42d2d14e5c7f3f1757dc8ada5863451c912c97a549c0758cc78b40b5502429f2a8a7bf0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    897d550ce74287b93ea4ca91dc839f8b

    SHA1

    ce419cbded525f17167bb6226334927eca5bdfa3

    SHA256

    bb50f8728a0c848bd99f32701035635b90a000b7ab3df125ebc28673321b77e6

    SHA512

    32291c9110a39f9c553c8d8f64d0dfedf201ff71cc62232889d8b295d0d9c61ef12cdc3f9b9105dad66f9c7487a9864b8e0e0247755fa4a25c051311be814d7c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    7e50130531a643745dfd5a6b03feaa15

    SHA1

    777f40e6fa776c307c71e96982dd8efd07786cf5

    SHA256

    a4bf6eeb0d7fa28f80715043ef68b8c78703c2f846fc26fa32a3f8d6cae270e1

    SHA512

    e0a73de57869c94f5b0ccb6be30827cd32cc0b3b6d0bcf41015a49ccb24d0938ee2ae27709a2c8a1e6ae92a8b8050fe8e3e0e7b405e11eb7824fb4b8d756914e

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabF2E.tmp
    Filesize

    61KB

    MD5

    f3441b8572aae8801c04f3060b550443

    SHA1

    4ef0a35436125d6821831ef36c28ffaf196cda15

    SHA256

    6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

    SHA512

    5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar2275.tmp
    Filesize

    163KB

    MD5

    9441737383d21192400eca82fda910ec

    SHA1

    725e0d606a4fc9ba44aa8ffde65bed15e65367e4

    SHA256

    bc3a6e84e41faeb57e7c21aa3b60c2a64777107009727c5b7c0ed8fe658909e5

    SHA512

    7608dd653a66cd364392a78d4711b48d1707768d36996e4d38871c6843b5714e1d7da4b4cc6db969e6000cfa182bcb74216ef6823d1063f036fc5c3413fb8dcf

    Download Submit