Overview

overview

4

Static

static

4

BINDInstall.exe

windows7-x64

1

BINDInstall.exe

windows10-2004-x64

1

Bv9ARM.ch01.html

windows7-x64

1

Bv9ARM.ch01.html

windows10-2004-x64

1

Bv9ARM.ch02.html

windows7-x64

1

Bv9ARM.ch02.html

windows10-2004-x64

1

Bv9ARM.ch03.html

windows7-x64

1

Bv9ARM.ch03.html

windows10-2004-x64

1

Bv9ARM.ch04.html

windows7-x64

1

Bv9ARM.ch04.html

windows10-2004-x64

1

Bv9ARM.ch05.html

windows7-x64

1

Bv9ARM.ch05.html

windows10-2004-x64

1

Bv9ARM.ch06.html

windows7-x64

1

Bv9ARM.ch06.html

windows10-2004-x64

1

Bv9ARM.ch07.html

windows7-x64

1

Bv9ARM.ch07.html

windows10-2004-x64

1

Bv9ARM.ch08.html

windows7-x64

1

Bv9ARM.ch08.html

windows10-2004-x64

1

Bv9ARM.ch09.html

windows7-x64

1

Bv9ARM.ch09.html

windows10-2004-x64

1

Bv9ARM.ch10.html

windows7-x64

1

Bv9ARM.ch10.html

windows10-2004-x64

1

Bv9ARM.html

windows7-x64

1

Bv9ARM.html

windows10-2004-x64

1

Bv9ARM.pdf

windows7-x64

1

Bv9ARM.pdf

windows10-2004-x64

1

CHANGES.ps1

windows7-x64

1

CHANGES.ps1

windows10-2004-x64

1

HISTORY.vbs

windows7-x64

1

HISTORY.vbs

windows10-2004-x64

1

arpaname.exe

windows7-x64

arpaname.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    168s
  • max time network
    194s
  • platform
    windows7_x64
  • resource
    win7-20231020-en
  • resource tags

    arch:x64arch:x86image:win7-20231020-enlocale:en-usos:windows7-x64system
  • submitted
    07/11/2023, 13:46

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Bv9ARM.ch08.html

  • Size

    6KB

  • MD5

    8336d8baaf4a6fa8250cfe01dc351136

  • SHA1

    b8675e514db82e292eb1eba46e9452cde1828c1c

  • SHA256

    30131f4523ef0ff1688c3bb27735b9b418741fedbb650967ceb15c343873191c

  • SHA512

    0071e338b676e064c89a9eaa296e63d028a991b3688dac5e66f45a272f7a550057f91ab6cb14c8bfed2bc7678931aa896ade2c838055ce8e6557544440826a94

  • SSDEEP

    96:OBAvOHe5T4P0VVoIJNaLga+AK3fmeeXKLxLr6e+eDtez3NedL3n2AeT8gonFPmnA:OyvOHmDJNSiguP8N18XFmyGivN8Q

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\Bv9ARM.ch08.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2704
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2704 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2608

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c1c56fb620a4fd5cda402d84006f3edc

    SHA1

    63f4d1046e6aff79e53f431b30df2e154e874bf1

    SHA256

    fb29b07fca218521cebcac15c209f9b4b20d1feba33048c6ccc832da9d96114b

    SHA512

    122b1109da2b5ebae662d0ea8ccb186e65e13df4c6b72750bf18a2fcb1208b8dff53030d23b2fc7eab26dcb242617030acb6ddd0a86c3c77380c19c4d43f712a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c88b212c5889da0fa7243e56bf0f96a9

    SHA1

    3b94f8b2afac6333688388cc6739a4aef54eb5a7

    SHA256

    84a8fdbfc31434a36c1d1add5e8d147a1eba4a35720c32a77f502d287dddddfc

    SHA512

    e78c67c3dd8aacfd8c312dbbad3bf0124f3ae223d7ca113663b15debce8b13a2dd93eb009b107ca2a182e00220b23e6b3ed4ddf1eb3302db11f268f0e01f59ae

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ba8c9c471b2e84f387a94c2081bb15b4

    SHA1

    9fd78f5096aef52224b4a03edf4c9432232074a1

    SHA256

    91fa353ef16f0748da6e28a97bd014ad266f11ab1fccf509341cdcaba658349e

    SHA512

    4cb2888dbcde001bcfcb53927cb6c1928d0f20a9f7900226fde365926eb9d0818a7f2647086c641d430e873f6cfeccb7b52692a54045104837d4285a23cdfd14

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    6bb9e4793271d0a7a575752aa9adb74c

    SHA1

    944b0505acefd6406b71f9f2fe51642737280e45

    SHA256

    68dc8cf6740450256d2f666999f0512b64b3f19f89f27e9ab88176e493b562bd

    SHA512

    6549e4cfe6b4b6f265326a2c5da88cb6204203cd13e0a3122f30c68db0bf87e8306e2b4b1e0b8b098905b9fe7508f45fdcfe26ddc71d0699716cd868ea2ebdd4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e60ccada969145d11500f149f51f6f0f

    SHA1

    4578b9e30b7257210791a83f2fe343c394e2dc1e

    SHA256

    fae6d650b55e6213a421a3b5dadb16610b43fdf2d4daf486382702c10b03614a

    SHA512

    1be6cd3815d7c22b6ea316b6d35d60133dbc958a553b96180db6370b1e09ba3b26cfa5516d1b57be98053385684b53a41a791c297dedd3c12eb3185adcdb60da

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    9cadf0356d8ad4e3f821523dd7f090c3

    SHA1

    1c66f38b033743461947d77d749338cd0e9ee1a1

    SHA256

    5412613acc3dac757be14d734d541111d98aa963721cdf4ec3bfde36ae68e635

    SHA512

    0bc2495fadb035603e368af431f884d6e956e23dff5830e004dc71c73aabd1abf13909ad97b353d9f66755bc307caef8839b5f9861fb30d5fcbb1a277a06359c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e6c023671e175870b2462ea2af5826cb

    SHA1

    de2c5caa8a0b1d8d748e7df77e026cb3e4464009

    SHA256

    29ef4ed75a9c0fbfac3d83ad354da9d59cd0661c5ea1c923ace9a1509ee1d7fc

    SHA512

    04466c504aa700b60d098cfb437fc5199a920aa72ecc2f1e16478cdd7d8d727002509198240fe131f5c8a11d00248f2a90dc689e3d025243c42569c86c577993

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b878f26406976c175a2aae22b1329316

    SHA1

    c3ee5bc19462304659f39c4c50a6244098928429

    SHA256

    d95f06bced4e0148134b4c8a97c4b28f1bb3943211a8e3687f1265bec4b53c6f

    SHA512

    c48c758a09bdcffea6df911077d8843819bf2c9e7973c3d8b64680496c5a0583a9b86ded3520057a4df2c82756d7131aa64c5dcebbe86a59217ea6580fc69b3c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    696216fa86e3f741a4a4b3cef6cc796e

    SHA1

    578486322045d71ecb4d555cbb227c870ed99758

    SHA256

    e7f22ab9ef7e0f8796960ce37e1aaafb2f073c4873c86d31a26faaa836f5db34

    SHA512

    94d61863390e38918246ad018826e8f6a00b24cae896340c97d0e7229297ae0f1c6ba5888a0264f82e7bf99fa1563f1c404302243ef3b6421e8c780c1d781309

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    2044f99f555a0a99f9e31330dfee5b4e

    SHA1

    e5193fe16178b964345036e5837871bd1a93b30f

    SHA256

    4d94882ea5d475475972df60a9d841fc074f894c0e27d18fd5c4f8ca7d3aa13a

    SHA512

    442f3efbdef39e31ac466946f4176b073ebfd4a6d0227d3e247d398af46df3856d4f384fe330dfe5f5c162c4ec48570aad4bfe9d2488b4cd73d8a5c1582a939f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    be2530d493b015cb1fed9b0a5c6328f1

    SHA1

    0ee466a4568af947731818a0030a8880523f3a9b

    SHA256

    fcc56e269b78d44cbbc40fb8eeec88dd2939f3ceeec408ae509d5da84f477746

    SHA512

    71bcc961616a5238dd4d0479f7cca89a86074587f7b280f83fa76030bc94ad6b91fee8be969aaac2251fa559cbcc94c839b8b5a1fa5d60dd27457e2a22fff5cb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a8a5673e9fd49c9a4e30410d07edb989

    SHA1

    fd33a324d1ad879cefc1ac005583e551141cb4e6

    SHA256

    31aaf468672e6721e547bf16b9ba73a20b3544d43bbc4bb3fa3e58e3ff836951

    SHA512

    bed080fcf228b2562f8039a11d192d157f8c3313f0e0eb5636b40c550ca84793f9c4af7f9d36775dd1b1c5b26390a4dcbe85007f07fb5deb0e623da344dd3ace

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    2e6e072799f9344fb49b6353525e324d

    SHA1

    8a0f9233c52e88e66cdfab783ae75d98bd174049

    SHA256

    a0dfad42ffc1cb95180cd8c00d8231cce575abf1d57aca2d61cd707ce1985928

    SHA512

    b074511504225e8058b871d8d5d59c3e9f40a81adc9765a29d8338e38401f9ac60e827a6a594022824dceddbbdd0ee4a7a2e9bec77e8538aebdeaedd648fa7b5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    55dc294018ae5e31ab6ab4ba2934b778

    SHA1

    f53f766b36728baed266ddd913b85b2b4238061e

    SHA256

    ccd0676062e33523f4518c9750cc0cfdcb2901ba0f6052d4b30710498bc9ce6b

    SHA512

    aae31165c7ed855ab6c1c997df346ed925dc43ef9faf5e1ceaf0ac13c6da99674ce820f344a4afd91c0b91e27b2217a8890b60424255afc6147f949afd9ba771

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ef8ddba3a740ae8fd634ad792793695f

    SHA1

    d2eedf467a89ff37678db45bb7c1e7ad9c8d8d51

    SHA256

    c1628c412524add4043cbd1104ba8f15089a590d80f1084eb03151be606e8963

    SHA512

    974695682eba4e904e786e137532ee5dd90c5665d6432785dd352d72f98a4abb7127e5c71027031a4bf77b5ee39d8ea1bcb4d3a681cb028bb7539269720368a4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    26791f3fd3c15b068f23276b66432d11

    SHA1

    0c0352186a6614c87db00b0b7722019eb6ec9ff0

    SHA256

    e73a9972cd8b1a306b931f686352fe885b585734280e6eb99ad926cfd3ba59d4

    SHA512

    19dacdf6724b99e78eeaf8858e1fed2f221f7076af541eccdafbb38f23139130da6f2540cac9f9f0932e1266d312601d930b8ae72bd46695e99b788845e28cdd

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    3b28cac0845d343734d56df8b2891b8f

    SHA1

    4d85a596e33e3d14ec11cc2a61236795993a9fda

    SHA256

    d1e568088ab5845728f316d483b8292f30a01a4c4cf30827435f14236a999b5e

    SHA512

    b9bd63abc2de3f6775f59c0cc0b83725f4a7656f6bcafebb8b1209b5fccffbb9ed427efdfc6f926ff71c4020713af0875ea70059ced5925c434ef585533f7352

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab4A1B.tmp
    Filesize

    61KB

    MD5

    f3441b8572aae8801c04f3060b550443

    SHA1

    4ef0a35436125d6821831ef36c28ffaf196cda15

    SHA256

    6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

    SHA512

    5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar4B39.tmp
    Filesize

    163KB

    MD5

    9441737383d21192400eca82fda910ec

    SHA1

    725e0d606a4fc9ba44aa8ffde65bed15e65367e4

    SHA256

    bc3a6e84e41faeb57e7c21aa3b60c2a64777107009727c5b7c0ed8fe658909e5

    SHA512

    7608dd653a66cd364392a78d4711b48d1707768d36996e4d38871c6843b5714e1d7da4b4cc6db969e6000cfa182bcb74216ef6823d1063f036fc5c3413fb8dcf

    Download Submit