Overview

overview

4

Static

static

4

BINDInstall.exe

windows7-x64

1

BINDInstall.exe

windows10-2004-x64

1

Bv9ARM.ch01.html

windows7-x64

1

Bv9ARM.ch01.html

windows10-2004-x64

1

Bv9ARM.ch02.html

windows7-x64

1

Bv9ARM.ch02.html

windows10-2004-x64

1

Bv9ARM.ch03.html

windows7-x64

1

Bv9ARM.ch03.html

windows10-2004-x64

1

Bv9ARM.ch04.html

windows7-x64

1

Bv9ARM.ch04.html

windows10-2004-x64

1

Bv9ARM.ch05.html

windows7-x64

1

Bv9ARM.ch05.html

windows10-2004-x64

1

Bv9ARM.ch06.html

windows7-x64

1

Bv9ARM.ch06.html

windows10-2004-x64

1

Bv9ARM.ch07.html

windows7-x64

1

Bv9ARM.ch07.html

windows10-2004-x64

1

Bv9ARM.ch08.html

windows7-x64

1

Bv9ARM.ch08.html

windows10-2004-x64

1

Bv9ARM.ch09.html

windows7-x64

1

Bv9ARM.ch09.html

windows10-2004-x64

1

Bv9ARM.ch10.html

windows7-x64

1

Bv9ARM.ch10.html

windows10-2004-x64

1

Bv9ARM.html

windows7-x64

1

Bv9ARM.html

windows10-2004-x64

1

Bv9ARM.pdf

windows7-x64

1

Bv9ARM.pdf

windows10-2004-x64

1

README.vbs

windows7-x64

1

README.vbs

windows10-2004-x64

1

bindevt.dll

windows7-x64

1

bindevt.dll

windows10-2004-x64

1

dig.exe

windows7-x64

1

dig.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    135s
  • max time network
    133s
  • platform
    windows7_x64
  • resource
    win7-20231023-en
  • resource tags

    arch:x64arch:x86image:win7-20231023-enlocale:en-usos:windows7-x64system
  • submitted
    07/11/2023, 13:48

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Bv9ARM.ch03.html

  • Size

    37KB

  • MD5

    0f446f0d6a26e23849dcf0bc4748bdbd

  • SHA1

    60b9de8b0d0c3b5420478b1a3d5f58ea5bfc6364

  • SHA256

    e8128394eaa5a5a0392a0cc0f2d5020823406c7b5ee31940c1abf5b7a8e7a41b

  • SHA512

    fa0b7992a380921688b45aaf8ad870b0eb91d1871743b652983a3c0acfa165af4a3c522c002af0f8c811d3fb896397bf218495f528c0c3aa801d92ef41f17e58

  • SSDEEP

    384:zvO3dYSL/tN6UxUIbdjSO7vzpkjLTq7af8GeGDg7FIRwkq/hWYGMkhERr4qVo:zORt/x7bdjxvijhf8GemgL1hRr4F

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\Bv9ARM.ch03.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2056
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2056 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1236

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    9674f965996f1655b319230bd95f8748

    SHA1

    1f7c679b60b59e00f69c010804e3bfe327ca5ba3

    SHA256

    cfac9a2b64b0c170f789abff4db21bc48e43eb868b247a209cb775a3912faee3

    SHA512

    9efbd74297749ce433058d35507aec51ccc588864b3aad4e714efd928778814952cc4438e401df8fd25f392085ec986c2e183ab868341f0571a27d37dc986527

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    5226d3575a06ba3d44f060dab2e79987

    SHA1

    37705a2ac5b5d31386ebd1fc805d88298374f775

    SHA256

    f065e6a77c2bc3de9ff1b6bdc14f23b5513d687951369767879cc54db3b0ea2b

    SHA512

    7d709e61d026d0ee864043ab484d22ea14e4410db20e787e7cc3fc1f1a5d5bcf0efd8cd2f1879c5c9226374858a72e4b3d8bbb3ad1e2a99c901da2d29931115c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    07b95c66d384fe7738423f3d81a9127b

    SHA1

    c60706d7aef803930b3ca772f67258bd910f3383

    SHA256

    2cdcca51a1b055db32d4abb58edc5fd20717f504b60dd0a9bedee29e899f4dd4

    SHA512

    b1c9c9250932049091e3b3b488255ed6f667bfdac7a58c796aac652f88aae48dae42922788cd7c4cd01ea2f220ef79f970494ae8a6558d75218b54e87646ffd2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    8a2edd612e6d5905415c040f8542220c

    SHA1

    d5c78306f9dd49b5fcecbee7ce23ec8e0433adfe

    SHA256

    4f894a46078961b14ac5e6554f7f6cf7873392976cc8d58f2351e7d14155e4e9

    SHA512

    f5239cc38201f33be805171bc0c89cf8eba915947c11b918bd01bfbe11ca5c916791f1dbf8cedef71a70b2d1ea16e8cefadce767c37800093a5606ef6ef5f17b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    0f2aa6d96218a2ac62d74165bb7b5ee0

    SHA1

    fcd0ffd93d08ec0fa902f03c230d79049ba56674

    SHA256

    25950093e00407e00b51a8acdfe0107257251c9a24167c67528081373142e54a

    SHA512

    091fcbe0488bddb63014dba3963e4f4a6b7e33fcdd885d938145944e6089106da41b3eeedb996177650bc5e794912ee83b0353b6c6e2bbc44a6db38549ad0b26

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    492ddfe3b3a343faa685956f004d5078

    SHA1

    abe9406bebe6487943d5f0e19d1ec93c9c7171ce

    SHA256

    2a378b7d6625e0a30b8db25e154b90c3f9fb2373dbafbe8e63395b628879188c

    SHA512

    7ce8069aa4199100d46be562e5637d06834c075c041f67c29f9c1cc4ee00d1298b5eb9482de64b42352518fc5b7005c17d7b4330877d13d33d2da0a8ac94b3bc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    8f025fdf628d0ea699937fa829519a7c

    SHA1

    cb4521e9b78ee3a598847a1d351ab9865bfe8eb9

    SHA256

    5853306eaea3aba71be007cc4367c6b5b2102a0d39f48edce7873cc3417d9c87

    SHA512

    11f3ff9a351d385b55c1139e97031ec724efce28e68a6d4d1d13dc69e3f22ec793361d5ecd0e6736bfd656bb651c4390f345cbfa011eeeb9ccad6c89c4fc9439

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e1c5806800441173ef7f7b4fc27f9b97

    SHA1

    3e37d68ef9b6a37f195f03e8bb905954418b27b3

    SHA256

    d95fcb5b7841f354c9d3d530978d9b63aed1103ee295b47890c193f9fd97e944

    SHA512

    85a1435ae22b1ad03fa18be246e45a7c8cfe4820ae5d749a962e6cbc19ab91d8ec01166dd8b6954ad590388c66fafed7b339762445cb0053189804c1b86807ff

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    7e47b8c1bcc5e83ac1913564d6cf5637

    SHA1

    3af5ed8a2b2569f07c48a544dcdaa7d79740d45b

    SHA256

    de5bd259ef29b45f93cd2b3d5b914781eb208698ac0453439ac412fda69b8002

    SHA512

    4126fe377f215cfafe2d7513456d9ca3da48d1ba023588a9f0201305e4b4c56cc5f4ad8e0655b6416ea9281c7be78584a427c15e41a99da5b958916af32dd2d7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e1c5806800441173ef7f7b4fc27f9b97

    SHA1

    3e37d68ef9b6a37f195f03e8bb905954418b27b3

    SHA256

    d95fcb5b7841f354c9d3d530978d9b63aed1103ee295b47890c193f9fd97e944

    SHA512

    85a1435ae22b1ad03fa18be246e45a7c8cfe4820ae5d749a962e6cbc19ab91d8ec01166dd8b6954ad590388c66fafed7b339762445cb0053189804c1b86807ff

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    98f19e4e38cda3b201bf7d2d288ed924

    SHA1

    ea0eecc2ee14e462f888435e0aa33b1daf79db1e

    SHA256

    6162d859a29981b2f5ff9ef9f97cb1fb400439ca30e9cbe4acf9a8e1e6b41f2d

    SHA512

    5851d6ac9d510731adcfd5a57a9c68b919f0159fab7b1b86dbb5ede1575604f5137e4579dd032995606a6c59012d3d9b390ec6f3ec73c328e2e45aaab6895a28

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    bf643cf58ffeeaccfbbd3707d8d7e42a

    SHA1

    5f4431aad643ba4a424679ed6ae1d2da563a0af3

    SHA256

    fa5b65a864d8607e32d89ad3fc327f0d4943ea364ee9fd45ee92d3c4df30263a

    SHA512

    7d2768c4e678704e0801ec5aec4fd4383943ee471060b85fe0a349496e7b8f57a28fb53a00210400fb33fb785539be3dab038d8d901df7d90394c95305076120

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1517a86d126d7ec619708152369ba814

    SHA1

    42fe3baba44263ca87cddc7a275b1ccfef6d07e0

    SHA256

    004301bc87f855efc31ad2beefa87ddbd257386cf4d894403e7d17402858e558

    SHA512

    78f5926127d15254b4b3a977192ab75481683fde541fde1a031077289fbb693597ce95f1e5cc3903e44783aa3b278dec24278cf300ce6c327b913a8c2d831b3b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    81a0020acac8dda133bf11eddfc658ed

    SHA1

    456ba97a32c96b266b307ed6dde510b3033a316c

    SHA256

    40f7489e4b752473ca3f36cdbd2db80cbb925046b2a14087bd97a75e3e0d9d04

    SHA512

    a2ee419876f016c7709679f62b0a994a8a826011210c21eecc041e2650efe937ad0e4b4d15cfeedf3f6510707ab2f7e5c397ebacca667eb88614a57ff57ed9d0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    444484db7a5dae97711692daac990859

    SHA1

    38601a8e14b1144134b6cc097183806efca6a300

    SHA256

    13fb1aeaf13ae8bb95bf24fac5ede9ca89215066911e40d3c4330f2476f42a3f

    SHA512

    1d8babe15c0365e32ec9e008187f9f927362d0e71124a33711628cf42fb6ded820159f908add7aec76af4de283a4031c835d3db908bc13249547aef60f65c534

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c6bcd97a0ede7735ba1f6e893d0e175b

    SHA1

    267d6bd81b3c7997af9ae995f8d94822c52444e5

    SHA256

    85ab2405f23f808432677903575f1ef85d488817de1bcbdcf1421135479c1bc2

    SHA512

    bdf76cfadd7e6770a61fe0b9a8f07d6b4136d1fdf5a224e28d14ff042a73d5b27b3c63d8e639045f08175d014112a2d695ae47a0dfb50dfb59d000df8620a9b6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    82bf6d55e6e8d7fbd5fb8593a61a73ef

    SHA1

    104e51fa24039b6b7c5fca6506ddf0d08b62de39

    SHA256

    928e8558ff4b96a9e9ca3ba44f32f4321d0865deeb0e2d77970d6ab3e1c1606e

    SHA512

    96093eef873609b4d1879bc86b6b2a272a6eb7c5b028033b9ac272b0a12ab41f964389364e90ca4a387db06b47c1f2c6d8fa7a7e29839ea83766fe4a74285266

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabB953.tmp
    Filesize

    61KB

    MD5

    f3441b8572aae8801c04f3060b550443

    SHA1

    4ef0a35436125d6821831ef36c28ffaf196cda15

    SHA256

    6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

    SHA512

    5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarB9B4.tmp
    Filesize

    163KB

    MD5

    9441737383d21192400eca82fda910ec

    SHA1

    725e0d606a4fc9ba44aa8ffde65bed15e65367e4

    SHA256

    bc3a6e84e41faeb57e7c21aa3b60c2a64777107009727c5b7c0ed8fe658909e5

    SHA512

    7608dd653a66cd364392a78d4711b48d1707768d36996e4d38871c6843b5714e1d7da4b4cc6db969e6000cfa182bcb74216ef6823d1063f036fc5c3413fb8dcf

    Download Submit