Overview

overview

4

Static

static

4

BINDInstall.exe

windows7-x64

1

BINDInstall.exe

windows10-2004-x64

1

Bv9ARM.ch01.html

windows7-x64

1

Bv9ARM.ch01.html

windows10-2004-x64

1

Bv9ARM.ch02.html

windows7-x64

1

Bv9ARM.ch02.html

windows10-2004-x64

1

Bv9ARM.ch03.html

windows7-x64

1

Bv9ARM.ch03.html

windows10-2004-x64

1

Bv9ARM.ch04.html

windows7-x64

1

Bv9ARM.ch04.html

windows10-2004-x64

1

Bv9ARM.ch05.html

windows7-x64

1

Bv9ARM.ch05.html

windows10-2004-x64

1

Bv9ARM.ch06.html

windows7-x64

1

Bv9ARM.ch06.html

windows10-2004-x64

1

Bv9ARM.ch07.html

windows7-x64

1

Bv9ARM.ch07.html

windows10-2004-x64

1

Bv9ARM.ch08.html

windows7-x64

1

Bv9ARM.ch08.html

windows10-2004-x64

1

Bv9ARM.ch09.html

windows7-x64

1

Bv9ARM.ch09.html

windows10-2004-x64

1

Bv9ARM.ch10.html

windows7-x64

1

Bv9ARM.ch10.html

windows10-2004-x64

1

Bv9ARM.html

windows7-x64

1

Bv9ARM.html

windows10-2004-x64

1

Bv9ARM.pdf

windows7-x64

1

Bv9ARM.pdf

windows10-2004-x64

1

README.vbs

windows7-x64

1

README.vbs

windows10-2004-x64

1

bindevt.dll

windows7-x64

1

bindevt.dll

windows10-2004-x64

1

dig.exe

windows7-x64

1

dig.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    135s
  • max time network
    134s
  • platform
    windows7_x64
  • resource
    win7-20231020-en
  • resource tags

    arch:x64arch:x86image:win7-20231020-enlocale:en-usos:windows7-x64system
  • submitted
    07/11/2023, 13:48

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    Bv9ARM.ch02.html

  • Size

    7KB

  • MD5

    321682a8fad982fe953f04020020e0d8

  • SHA1

    102515eed7f7076c4213b58c7765a23e3c1f8088

  • SHA256

    4109a7348b3f1b7d3653e37f1b640d587bc84183f759ff97cdd8beec65a51488

  • SHA512

    a51a37e2e0c188afcb2b3d789b3693855dd9b46bfc30fe5794dd92fe2ed8f186b956383648a36fcf3e37c82b2909f4d982c46b9804b2b0168b1c6a4cf1bfb369

  • SSDEEP

    192:zvOH1QlNSgqkDqjDG3mmGDdrvvI16wU2Ugl/EnzTRPnV3uuFm0:zvOVAYjFLShQdPJ

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\Bv9ARM.ch02.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2488
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2488 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2908

Network

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          26a649b34672e9079befe917887f7db6

          SHA1

          1e3bea677b39b3532b31d976ed8714fdcb7c618a

          SHA256

          8346e76a7f331319d3a59faefce76340c04cba691c32281e710260d426be8839

          SHA512

          4f950ff32ffc680d3dabd944aca95ea0204775992e1880aab3d9958d0eb0bca70ab611619a65ec2e71cdb514030cdecce3ae4e97470ac82876b0c58c01922fb4

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          d7af01e0a3c3caf2903904f732dbb51f

          SHA1

          182ae71665965b051f76bc66edbb67e98687d564

          SHA256

          82d809475838dc7870093a328cc1d98ed18d224c91c8b7cbee746db89f18d260

          SHA512

          f38feab67b5daa6eb7162504304077e993af06a313f21d0f9f94d53b8c4675dccccc732c5bbfb4f84bcf5399d5be3e44d91837140a5c5ca4e97f1663db6bbd60

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          b46be1c41285954a41c4d4c42a0ee26f

          SHA1

          065514c147baed7ade24da6c43dbc19e42af88c3

          SHA256

          a8f6ce7eafb7883fb6404f12d1b1654c1b427a4393e142c4b9e522f9e93d9312

          SHA512

          8bff79d9eda0eb025d2905765d0eaf576b551e821101e0ce4587360b9116e2b2b32a6cd02065f3ed98b14f3666e7d36f9d71b4b8760261d79e7541b49836d535

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          a5adbc1237a0a4d3791ae2df61647d1b

          SHA1

          d416c1e0546e8acd785be3d845125f5acdb5d1e6

          SHA256

          f97149fcd46b80f2e67e6965b8a682fd76ad2eb66c231d38489bb70bc482dcbf

          SHA512

          00f9d000c8034f5fb22408baf6454deb824f283b7498490bdfcca242dba5e77dbbcdf023c8e38eafc29e7783a8259a1e90f647d368a115e1c9752a5c61af632b

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          2ce6071c540c4091457dd6ed46a9f152

          SHA1

          7aba50d137cc7ac07a40f68e5c03253a1439a986

          SHA256

          5406191e6a08bcb0e2b7b7e18fc810e8a047f9eabb50a8fe0cf43dd71a0616ae

          SHA512

          480ae4546869346e8b1c7ba8ef99b3fb20d0f50357e2c86c31fafb814d9d940a863d5315f5b1847a6065a7f37781d61bca4d4c52faddf4acbfbb9801f871d102

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          9ac0878941c0782b0306d8f4feab3504

          SHA1

          d3bf6b04d7f519aaaafed03a182b8a710afc3a87

          SHA256

          9e65f661aab9e3e7378811ec2e9d58ec3bf2906ba53c541a9a48b9fb481c8d38

          SHA512

          baaaee1faf8e0e888aa564d58e2717c3ad7348cd84438fba6acaba9bcc9f929197f7c2650f59e4ad5ef0eca36100b122ae34001fb2fa199f31a45e1592462fb9

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          89bda512085792eade25fb372fcf85ed

          SHA1

          a42a40bd338bea4704f06efae9087b342044df1c

          SHA256

          cdcfe9fd3629e5eee6065a5334a24019bd9aa39dbb32a72db4df33b337b1fab2

          SHA512

          dc2156867d642564732b6b11de9de44f2f993f091e20c4ad297414400d9a3737cf0f6a0ae1e0fc5b87394fcfca33afc80413675313f238dab9205292ca592803

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          709ba06aec49bf7607e462de6849cba5

          SHA1

          04fe30326d21ee82450dfd3886b7b02bea11f331

          SHA256

          72c8fdb1fc743d74f40647ca3fc47277c317e200fcc881a49041f3d90238af4e

          SHA512

          b8723f2873c04a3237cc76d43cb615c186ec6f84b33161b5bc596ea69d5be408c129f14bde30336d7a93a350b23a941ea997b7ee4127b3a20d72a563dee10013

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          298ff881f0aa2c911556c51d6eceae78

          SHA1

          81cbb6afe19a9002651130e4cf5f3fb91b729347

          SHA256

          c23fac3cab601a49d04e1d456f9004ae3d411d51383070ea1bb05921f3ca0388

          SHA512

          df4e0903d9ad08cf0ca9bb693dd65fdd656023418d7ce894ccc04cf3e28982120795fd6ae85b77afd8995b858a403038073d13e40fc8ea31dde8c836779b5269

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          db0d9d91ea904c415216927e6fe4dd76

          SHA1

          0b19730f72c34fa683fca84c0fbbd56b059b177b

          SHA256

          a8be93c3715d197066f0fba310eb6d5c8f05fdc6d6704e74a3732b241246bcc6

          SHA512

          6a284709470db5310f4de2e7213cb4fa94c4151d3fdb22086d73cd9ef845b9168ce52262f22dc3621aa2248fe4ca3627f63970f0f1e7eb1d5c46b9285a6700b3

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          4d6ea1a9804ae3e92c06aa78d9a04027

          SHA1

          b0dfb19cd267c7716c9ca30d607f04da60d6520f

          SHA256

          0c8aed558d3ab519eff1d48e468dfd3a797c5e12fdafa620bfc4a90dcf3410f1

          SHA512

          4e53f8e2d4347fffb60b8be680cc48fd7d82fdf236103d7d9d211213e7e6dc807fe4a7cdc20f4648eb3a89366fcf2475d0798a3f64f5146f5cef43a5bcb57b56

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          45db387dc6fcb11d98e3132b9dd77967

          SHA1

          fe2caf0a0f779cbd02b78c141ec8680756590bcb

          SHA256

          cf71dc6569a197a0137d9047c30fe605ed4b9fdc1809594fda504fc23df04baa

          SHA512

          d9bcda01c5a8ead4ba0c0be8ed7acc0f400658da56b5c6a44934e85361d56b54fa1d4e68b9473ed032f95b8563ca907d665a72d47391e89cfe421f66622ff9f0

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          5c9c0cadbaa7e369b62288bd790805be

          SHA1

          a9c3268b17eeaa2ea2bfb7a316b83e5d4931fe6c

          SHA256

          04fef4620df446c21470ee14b5a3729beb58a7dfa38cc8cc2ff0a00035949ea9

          SHA512

          e8562ad21c82ab867904974c993ad9310970b3d87f36d9fceb55e39189a8d0fec1fe7a5ff0875e313c4abe8f188b7dc1a442b49b4cc7872a5dfdddc904ab56fc

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\Cab5CC1.tmp
          Filesize

          61KB

          MD5

          f3441b8572aae8801c04f3060b550443

          SHA1

          4ef0a35436125d6821831ef36c28ffaf196cda15

          SHA256

          6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

          SHA512

          5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\Tar5D72.tmp
          Filesize

          163KB

          MD5

          9441737383d21192400eca82fda910ec

          SHA1

          725e0d606a4fc9ba44aa8ffde65bed15e65367e4

          SHA256

          bc3a6e84e41faeb57e7c21aa3b60c2a64777107009727c5b7c0ed8fe658909e5

          SHA512

          7608dd653a66cd364392a78d4711b48d1707768d36996e4d38871c6843b5714e1d7da4b4cc6db969e6000cfa182bcb74216ef6823d1063f036fc5c3413fb8dcf

          Download Submit