Overview

overview

4

Static

static

4

BINDInstall.exe

windows7-x64

1

BINDInstall.exe

windows10-2004-x64

1

Bv9ARM.ch01.html

windows7-x64

1

Bv9ARM.ch01.html

windows10-2004-x64

1

Bv9ARM.ch02.html

windows7-x64

1

Bv9ARM.ch02.html

windows10-2004-x64

1

Bv9ARM.ch03.html

windows7-x64

1

Bv9ARM.ch03.html

windows10-2004-x64

1

Bv9ARM.ch04.html

windows7-x64

1

Bv9ARM.ch04.html

windows10-2004-x64

1

Bv9ARM.ch05.html

windows7-x64

1

Bv9ARM.ch05.html

windows10-2004-x64

1

Bv9ARM.ch06.html

windows7-x64

1

Bv9ARM.ch06.html

windows10-2004-x64

1

Bv9ARM.ch07.html

windows7-x64

1

Bv9ARM.ch07.html

windows10-2004-x64

1

Bv9ARM.ch08.html

windows7-x64

1

Bv9ARM.ch08.html

windows10-2004-x64

1

Bv9ARM.ch09.html

windows7-x64

1

Bv9ARM.ch09.html

windows10-2004-x64

1

Bv9ARM.ch10.html

windows7-x64

1

Bv9ARM.ch10.html

windows10-2004-x64

1

Bv9ARM.html

windows7-x64

1

Bv9ARM.html

windows10-2004-x64

1

Bv9ARM.pdf

windows7-x64

1

Bv9ARM.pdf

windows10-2004-x64

1

README.vbs

windows7-x64

1

README.vbs

windows10-2004-x64

1

bindevt.dll

windows7-x64

1

bindevt.dll

windows10-2004-x64

1

dig.exe

windows7-x64

1

dig.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    134s
  • max time network
    136s
  • platform
    windows7_x64
  • resource
    win7-20231023-en
  • resource tags

    arch:x64arch:x86image:win7-20231023-enlocale:en-usos:windows7-x64system
  • submitted
    07/11/2023, 13:48

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Bv9ARM.ch01.html

  • Size

    24KB

  • MD5

    b3626174793db1c843cc717de5735efc

  • SHA1

    54d7e0ba25672bea477366b202f8f1c36184cc97

  • SHA256

    ecdd3b6f11ef8a11c647b927bdeee20894242c258396048aa2225eac7fe47a76

  • SHA512

    f85861059285c5f3db08efd4ebce9c27c5caec82859f907d84892466fad83292c67a4e1f467d087df09fa3bcb0fe60e3895380ec4221672e0a9aa6607c2b65fd

  • SSDEEP

    384:zvOtFYNnL7TYbBGlz15NvgOOZJT1l+CnsZ86gxGpj8W:zOcjWG7+ZJiCnsZWghJ

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\Bv9ARM.ch01.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2316
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2316 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:3056

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    7be84fe3f6f1d0590081dbb0ae24f984

    SHA1

    d796826da1fb536dfc50784a2f315241e24ebd7b

    SHA256

    c8ce89ded88d854ce341b40d2106c4f4cf610d5e3ccb1f7aeae14b058757be74

    SHA512

    e5f04e776027a01a87f43a1efd47f390f600e0455c40f1163eb65f368b416146e0ba533273ea6b4af50556d6b96fcaa324e23ee8666b1b89c2f71d8130360e8b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    5820d8d631ac962dcb64d501b4486222

    SHA1

    856a24e4c2b3629fd56536498e2f00968d92d2bd

    SHA256

    f0a4489512f674515cd7c8a431f1d5ac864df65a0595abf84a79f435f5ede30a

    SHA512

    4af57bdb8019a263897f3f59428f30cafa7fb21191ecb5ecf037eeaec6d0255308d19303430d11fd9a429246c758fecb01b854daafdc7d4b236eaefec6e6277e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    6ef92c5fcce0ae3bbd6c958efbc32a1f

    SHA1

    25f3fa1771a2c4c6c81f00af078a1e0390a142ff

    SHA256

    88fdb7ec7174a14cf9c7db7089e2c6f7aea6d8d1446a796cf192d6cd1031d9b2

    SHA512

    d6e3d1e868d2388cfa78ce51908dfb8b86686b7d43cc917bdfa87da9e1a2845149eb4c69078e3e5ceaec240e192da272366131a826d7f93ab0985db05889cf37

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    9b776fa9d98d2a5694b0f9c1f4e6d0d8

    SHA1

    6f15e4ace1bbed0360143ca5c3e37487fcb1f782

    SHA256

    d1f961ff7f8cfa554285b87ca93f98b0dded49f4a35b22d52d46debd982ebd57

    SHA512

    b82b5e8c1b529808de0ec17e33e1641b4302c872e83872c0d3d3d100c235d33c270860b4803563f880e6558edfe40f70b7d89543c274aa22ab7044db2a765fe1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    39cf198ef715e5bd3838480c5ff910c4

    SHA1

    e4f3a4e7ce6d1bdf83b6666cee24565a4228ab02

    SHA256

    2d4c71d8824726fca10fce08ff03c416263d09a10d7e84c48cde9b48a3f8ff14

    SHA512

    f067ba32b732771b768e105bdecabca3f60260854d7e26ceafe06e795200c899a121c818058ba7961282663625bc1a69001e22e3c2ec7cfd6a1b34d48ad7b0c2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    27976ddce1fa7f35ea3ae65528559a19

    SHA1

    a7611b912e5756ae5aee8f21a6582cc724585556

    SHA256

    2e9e9cee39e6933eef6a2938d7198568f40b4135290adeebe6ea7399c5c0aa6b

    SHA512

    6ec8b4928cf0db6ec1607522c78ac57c5c7c4480feaad0d87c27b301627dba4542dd4b9de44468b56a62d7824a59dc3ac5a0b2f95df0568195f9fdf28ed2dff6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    3419b60b99b0d96702c93f315ec9f406

    SHA1

    8d6d03e945b013042942af72d50f615194509233

    SHA256

    722f5a43483dcb2c03c39634b48a42c66cb80933cda6b696de32f50192a26cef

    SHA512

    6b0b53787a4569f2dd59574c1bc6c03ed9b6dec38c57b66e486bcd64aaffbc2992026a68232fc9c12e8144891ac5755ffdc90dec7f018e53ecb05d7e9584a61f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    925ff3434dde76065818b43ad8de5be2

    SHA1

    fcba032bd6b0c8ad87976ec7a8e75669c7c1864a

    SHA256

    a04afd093d1f3827b97c7deb0d06066d9d28c7a88c1cded8530d1771157d7b01

    SHA512

    1dd920ed94b5c5e2f4561dfef4e529e82f6d64e4c38d32f436d66bff964c5be72fe34c8a430dc716f2611d9a1efe82fade922c41f06ad69c74fad46a538efe21

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c46e47790eb342d7789e9e7a0c92c2e6

    SHA1

    01f710846b35c7821f4fd6acc954efb959225513

    SHA256

    3e75ae797df7ce44b4505e87fce561cf47c6357edf021f679d8d7d479f197d23

    SHA512

    e0c8b601728fa1571fbaaec8b9e2aa5eeaa390d0f893060118cf957c70e4ec218e821d8cb4c791782a485d7cbfba2480cb5b3e56b66aac3313fd1dd8f582e30f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ca864d581f98511872d90bc35d13acc3

    SHA1

    b41b531f8aa598d381c29244cbac3f966fe56b83

    SHA256

    8238ac1310e94ddb2e21ea0f8e5823a5927aa0c14a511e201501c7b97d879dc8

    SHA512

    00c52c6f779ac0f2c1f199cf825f1cfdd92bd32d58a431a9fb439e77ae904b9588c447b645fde3ecd3d98e30743e46c7e48619950b0453e98462f8535bbf845a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    583f26ae04656e454c365c292a447d0d

    SHA1

    561a42ce246241199efb84a216c7906c1490acc8

    SHA256

    cf15003b1068a25ffa72197476bfe5ab0e1b5a15ff4242f177f78e2ce4381df4

    SHA512

    6cda02f90f9bf965799d45bbe0e4310d2439f70765dac56a03e65216219ae84c68694d6a780e1e0a1acf7c3ecc84b9c5721df1d64c3de2f30e71596a7977c3b9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    77e33a537b53329fb0d2f356fad0b1fa

    SHA1

    3d93d4e7128f5123be7f88df09108c65b822dcb3

    SHA256

    f6238c7a64d6d40a48d0d98e31377625032b39ca541225b182601e8ce38eb8fd

    SHA512

    0d929df472435a3b8c4f184f22e4dd3a44c65abcd1f716e3c8d1ede0f8969d7395781d04257bbcfb3eb0c0c37724581f8bfa030cb26f9f7e0953b25a83946539

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    913571c14fd823cd106411d38e9e659e

    SHA1

    f9edd05d87ee681b7a727173ff695be0a44037e0

    SHA256

    7a7b9670b7aed715c8748ee4b60ec7dd4062d9cdaf10b94b6f9dedc2ea943b73

    SHA512

    ec48600f3cb75c832935701dd980379d9ab681782e1157eb72f761c2ecc877b699bb4bc5039e94d5733da80c78f363962aecf335ad5ce464ade7a51a46a1e234

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    796bd1dcd2fbda72b1f61929e5ebbf9a

    SHA1

    98b81bccb729517bf0e656932bf43f030669d613

    SHA256

    b834316c21839bf4cecc4579d9f0cccf4ca22b51db1a9bd0171b5f36b91cf8ab

    SHA512

    5e289cb97df596fb45a9d002be31fb1b516c6315b029106993d8751e5721e04406afc09d397a8caa33b680f43bf7b22e06ad10a723d6a35ea0315d2e7e111248

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    fde84e96cf40c83c59ed588708f1d91b

    SHA1

    820164da5faa5e5d46d10bd3f2a2932aa5573aba

    SHA256

    97ce1fb1f37e16601bbd746bd3c581415ec873c6ce2b7fca751165a0418a1900

    SHA512

    99befe855b8e08df2cc9b3bb0732bf4c94df3e34dbd01670081ae20bf80f64566645c4f5811d035cad6639438d84bdcddfd22c155cf07af1857fdc949b78a984

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d041cb926386dfb9231477bb99390962

    SHA1

    3e24cc18cf2451abd2be222b516607c742c22af5

    SHA256

    831d2727cb025f29c94fc55e4089ac08c79973d05f761fac61b656e84aaf2258

    SHA512

    bb7aa0ce20ce8fdd5f1a475dd7d8e46fa6d8e5b43c9fa2f8a62725ba79d63e806f874de97fc41449391089bedb34bb5ccdb441ccc0020f84a49ea4a319db1362

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    fcca7a77235f18d3b025a040fae319bd

    SHA1

    918a764e28086f9735d94ed1b0a1ef4800f11ce3

    SHA256

    4933a54d47f6c0ae2dbd0ce21c6f53eea73216b7ab4d323a9c31e2a2596b5610

    SHA512

    1029cb22caa95dadaa585133da3e9545dd19d1bf7fcbeccb5a688fac1c017cd1996743ddef500843e96d383e4c85170c5feba2932ad0f968a7081909080dd49c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    9b7461db04b908b5bc475cee7824bd32

    SHA1

    bf31d6896680e49961326e985e46bdbf4447e1a4

    SHA256

    47e244af439d5c1da9e2aca9ff32f3fe18dbe4df107b6aec2269576dd082b646

    SHA512

    2e93831916b3937dc2a0b0f402a31dd45dd8edaeb9602c174413e45921fca06a4fd6648e0b62de2310307e331d7fbffd4ad799ad8c60b0e47428bed457c6a356

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabAE4B.tmp
    Filesize

    61KB

    MD5

    f3441b8572aae8801c04f3060b550443

    SHA1

    4ef0a35436125d6821831ef36c28ffaf196cda15

    SHA256

    6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

    SHA512

    5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarAE8D.tmp
    Filesize

    163KB

    MD5

    9441737383d21192400eca82fda910ec

    SHA1

    725e0d606a4fc9ba44aa8ffde65bed15e65367e4

    SHA256

    bc3a6e84e41faeb57e7c21aa3b60c2a64777107009727c5b7c0ed8fe658909e5

    SHA512

    7608dd653a66cd364392a78d4711b48d1707768d36996e4d38871c6843b5714e1d7da4b4cc6db969e6000cfa182bcb74216ef6823d1063f036fc5c3413fb8dcf

    Download Submit