Overview

overview

4

Static

static

4

BINDInstall.exe

windows7-x64

1

BINDInstall.exe

windows10-2004-x64

1

Bv9ARM.ch01.html

windows7-x64

1

Bv9ARM.ch01.html

windows10-2004-x64

1

Bv9ARM.ch02.html

windows7-x64

1

Bv9ARM.ch02.html

windows10-2004-x64

1

Bv9ARM.ch03.html

windows7-x64

1

Bv9ARM.ch03.html

windows10-2004-x64

1

Bv9ARM.ch04.html

windows7-x64

1

Bv9ARM.ch04.html

windows10-2004-x64

1

Bv9ARM.ch05.html

windows7-x64

1

Bv9ARM.ch05.html

windows10-2004-x64

1

Bv9ARM.ch06.html

windows7-x64

1

Bv9ARM.ch06.html

windows10-2004-x64

1

Bv9ARM.ch07.html

windows7-x64

1

Bv9ARM.ch07.html

windows10-2004-x64

1

Bv9ARM.ch08.html

windows7-x64

1

Bv9ARM.ch08.html

windows10-2004-x64

1

Bv9ARM.ch09.html

windows7-x64

1

Bv9ARM.ch09.html

windows10-2004-x64

1

Bv9ARM.ch10.html

windows7-x64

1

Bv9ARM.ch10.html

windows10-2004-x64

1

Bv9ARM.html

windows7-x64

1

Bv9ARM.html

windows10-2004-x64

1

Bv9ARM.pdf

windows7-x64

1

Bv9ARM.pdf

windows10-2004-x64

1

README.vbs

windows7-x64

1

README.vbs

windows10-2004-x64

1

bindevt.dll

windows7-x64

1

bindevt.dll

windows10-2004-x64

1

dig.exe

windows7-x64

1

dig.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    140s
  • max time network
    141s
  • platform
    windows7_x64
  • resource
    win7-20231020-en
  • resource tags

    arch:x64arch:x86image:win7-20231020-enlocale:en-usos:windows7-x64system
  • submitted
    07/11/2023, 13:48

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    Bv9ARM.ch04.html

  • Size

    47KB

  • MD5

    634418b87c778f1e2744a047e807f458

  • SHA1

    e521a997f1b6595c7a886abb13f5e303441ee767

  • SHA256

    391c8a54b5f5c73b925de0afb1a5a90551985c95a76a5d16ebf5b53a382a8cd8

  • SHA512

    bbff8d7ea724fdf7aeb5e24db7e213f934916d01a9e9c24f3fa96042f8ac02e95a3224c73ae79674542e1a5b7ba4c1a790b3319cd1b4735be04d468fc9d104ae

  • SSDEEP

    384:zvODI3YRh8Fjo1UjerkQShQEE6PIT/9Y0N98jAqaDpA5Ept4fwkL+IFx3+injEsn:zO2G1UVQn6k/hpFfEDnwcxDipm

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\Bv9ARM.ch04.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2248
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2248 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2256

Network

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          d0217d330fe608589b6a0f6356d198a1

          SHA1

          274092d6f7ec0d9a42f1f83da7eda4f931fea04c

          SHA256

          9fc945bbbecdd8fc51435f43f84f310607294e9b9d3838d055d28c3cd14b42d5

          SHA512

          9c5eb6dd0d397cdbb72803fb3afad2cc64134bf139c566fc93123ce00443bb21d3c1df3a76754236fc6cbd459a1c0d23cfe4810e818d2e181379579783adea32

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          78b02842b5230397b9bd9fd2fe927b42

          SHA1

          7d1dcedff89b1477b983a3f4ce922e391df4a6aa

          SHA256

          277ef84e8dcfcb96dca0c94e36525c4be3afb3637aea42e281f8b81fce023464

          SHA512

          08aeff9ff91d8a4a11a0feca23a485e152a4dcfa7112379b9e012ce551caf5dad9ebb1468a64ce066643978bbb4a9368e42ff8cb8fa024e5ae24ad65ca62abfe

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          6e697b9addbea95003334347f5d3467b

          SHA1

          d6ad494b765b2ef3a5747fffa97a6e289ca3ac1c

          SHA256

          b9e4e4a92d9d06b457bac220736acb38049a4dc32d51f0765f8559e4964e3ea1

          SHA512

          86a152d1056772ee54b1bdb11c667d9e97068c9c6c96c0c1a159e42250730921f3092426e31d52c2db94b3dd400e02623a662052bf7be8eca2b3c55115904e42

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          6720bb6729caebfb9f53aa00f96f1edc

          SHA1

          923ee16a13bfcf99962cf5c14ced6725b867d505

          SHA256

          9fe133153a0327b1d04b95a4533d70eca71bed639ed4e55efd5196105dcbc213

          SHA512

          497a74a51fef9ee5a4647ab1b052371468154702198b292b6de8e69cfac87d10bb99551f5e7c73083e28be240bca6d6ef716edc75bf0fd3933ff671509371bea

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          7e8429a57a3c0719ab3dad0a53c30bc6

          SHA1

          993ab3962a409062607ffe104a21b31b48c77bea

          SHA256

          45db31dd3320a272de642f5b72aa4550f63e7c5f43c37b4b30579e484e00a202

          SHA512

          988dd8dbff802e49e4d00268d47d76c65f1e26a220044947f7f95f0c493a81cc465de311b2cf1b7a70ac4d7de0b103b5f49ea1b94e474a8c4dde3ce04a5e7e1d

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          234bf1d8f31d99e726cd8bd11ea727c8

          SHA1

          e303008073e9a2e53e36724a18c63cc44468697c

          SHA256

          1c30cb12d7966340ffceb4bcdaaeb1db23792cb222c366a5b6d6741223dd21ca

          SHA512

          39c842c1c2e089d3a692c6f54d7c57b53c828e847eea10cfbcc44b98dd6eb403f72004dc30326934afa17fd69c22683c7bd41ba2a13fef1afebc4d7a603260ff

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          52e17c2fcfdbf65054dbe6fa0f44ed86

          SHA1

          21057a31efadd9a4c6754127b1386ac3662867ea

          SHA256

          ec8f3a249e64f743181f8525c92735e28ec9a9456bced386a2a7247b507d12b3

          SHA512

          81d2976a8fa2545b953f36a8c3aa55dc280de06094118392c0c9a35a0555c620e81b7853e006ff1aa1512e72e718eaeb76ebc0bcf9bd935b26035203b7c6dd4c

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          dff15248219e80bc3823266116d1b154

          SHA1

          e029b044e078cb5842754e40fdd599622415d83e

          SHA256

          b7a78d1cac0251a488c6f8654d63bed239b23e3a7217ef5451c6492fcbe881a4

          SHA512

          33c66ec5df1be60f947e717e06d49a0a14c610559a62ff1506255223117463004539320e59e85c3d072ae43b8030311815500a11154b91e2acd0979adcd3139d

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          e705db55df8222ccfe1cf13c8bf52f62

          SHA1

          80fc005c192ddb11582f00c0023a788eded3d717

          SHA256

          a322a51b3772592fbb101b75753097399de509e9a53a71f3780808981a425960

          SHA512

          31fdaa42ef8634b6cc7615c021090592eb587a060a5af23dc16e1b7f4ba30fc87b6869bee8acd1f5fb88dbeac4dfd317076261ae8490d64efd4d7eb6f1da1dc4

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          e60bb12b9c85695db7d112ff66987c4b

          SHA1

          673a886982ec8b49f80e2ac46619a472e573d260

          SHA256

          7d1cd92cb0f85710e2060598297f9b0e2139f90e28f0149894d4f4ddbca691e7

          SHA512

          46579a77040e00a16eabffbf15271245a3ac3603681033d0de25749a980c1179d48144847c05cd1c4f2fe7017d89203c947350cbe40578c6898f534c7d3b4284

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          3ba7b41affb5d1b163195044f968f72f

          SHA1

          a39ec80915b72d4515308ad92f1e59c9e921ad6c

          SHA256

          6d82252cb9d0dc7f5e8be7bb569232ae22baffba78479c1448354fc25b076f74

          SHA512

          d56cafdd273284aad400eaa4affc7746690764f383638c5bf32e3f924af17461be1201a1fd363ef1201c0a011797a0b484676d7d6a337009d704949647156b02

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          34d8462e66cc6e4291bc134773f67da6

          SHA1

          dc786dade71ef6194f6fed0dbfb86ce9916ab525

          SHA256

          dc97efe04b48f994ee35a15860fbd6c7000eaeaebb55b372df0eccab0c9c5d45

          SHA512

          cf2a0c83c363e4d7d3124fc5a4966385eceffabb9734f28dd6afa9eb1b41fdfd39e24429cc0a7d07761880d518a7875e671607a9661ded88f830fb7e07265b13

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          23b3970ee486312e4fbf5e3e349f00c4

          SHA1

          8084f0f1dc8770e93d0926674e955a50e17cb6aa

          SHA256

          a693efa21a37d327e8142cf6f7918ef3f7e9a29e5e3f2a3845aa7ca773a8418e

          SHA512

          8d16e4f05677e91a72f2238ad06734f7b5755f3b5143cabdbd4783fca211d4fd59b44bcd59cafd5b722d69857728cec3e3d1912bbe9d1ed6fdbda51a943698bc

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          e3132d3eefea3cfe78f757334ad0c7c2

          SHA1

          33c94ce85edf1360ce3b6d2ac9328f74213ea116

          SHA256

          cd7fcd745dfed0c9c5d6b81bccea65c14cefdaabe0f8e8a4e7006b53b7969bd4

          SHA512

          0462ce671745cddce41c17627c7b35db8a821ea9cc0bf29f9621b39df874b32f4961cf9ce4588fa575c2a5164234ea12f38cfaccafc188f63c97624d602b3f9e

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          995e3dd85c619bb19b003c351c583a27

          SHA1

          6d5444043b612cfa22aecbeb0db26d993022b26a

          SHA256

          91387639c238730bb7a2a258079a55fa024e93d521db0a2a857e3bb04862fbe3

          SHA512

          02d18c694fc2daa41c038185557cda4e3f78ced554b6b9dd5497ea405b667c83f1d379e3d280a7e09351c1bfbfcc9b57267636415f746da5db6359a839272f3e

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          03a78edc522ea6dbafd996a5bae5b1ee

          SHA1

          81918498c5115ba0348cc6aeb2b61e08862d7c67

          SHA256

          ef7743e9a5c1b71c3d481969a70873beefb5ed38f1e1d14808d81d196825b563

          SHA512

          9656783158106a1654ae3e347e7c91feaedf7712b6ba2f6133eda3d94712160c36665ab8f432e8cc67e41a2e543bf5e4f49541c248dd9f138ff18e4945fd7327

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          5148c8a5dfcd2dfcb07faf4fe35d15bd

          SHA1

          ce9cf361b6abb181185c051acf5b8589400c1f79

          SHA256

          47ce86461fd250d89052994bcfedfcec28341d25485750a09e973fbc5393b759

          SHA512

          bf7c487555a2021fb33eb9448de25e4140e26616bb6a241387100aa10614bc4c4bfd18b11fa4a8b2ff4b1b158e13a25c60637fa151e5532a6107583beeaa99e3

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          4067efd09adb036a85658afae2eff4de

          SHA1

          86ccce42a817fe59beb103c1107d920c3cfda379

          SHA256

          1af005f2210bd93b60628301a672b1a9fbb321ac1718747b6f0a33f957265d82

          SHA512

          179a411ca255ffd8680dba7b5bbabfd9b015107d2170579c5bede0415234808f9a3ea7132d43f3cd4c196c6cee0871d77aea2b50f3ec4094487d6a754367064d

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          d556bb1cf9ae836ddfff7395ceef3e92

          SHA1

          e11d61e008930cdc694e14ec625542a3bed837f9

          SHA256

          6ad64d6db7aa768601538358bc4410de7ccf7e93782cbba4662a5cef6d71b4a5

          SHA512

          7b2ef849cc35a899c40bf69a42c0e0e90837a00f5e2dbc693d38cfb2e9000d2647712c0f90f8cd66039ccba6998dcca6d1568e7914a3d59997ad1b49a9b6f937

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          625d92cb8c115d8578fd533547923910

          SHA1

          3d23cb9b4cf122a3cdd53e8dd521ff4a3a206e1d

          SHA256

          4875ba694610f6e939e7d90fd427534ebc5e89911415138cdef8a30b8cdc3f5b

          SHA512

          75322b921b3f6fcd483ad77bf3d942dc495034f9814cfc0ec36cfc1bf17c686b7cc2a2826563640767e43fba44724defde808672af6761d796b9f166144125d3

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\CabF154.tmp
          Filesize

          61KB

          MD5

          f3441b8572aae8801c04f3060b550443

          SHA1

          4ef0a35436125d6821831ef36c28ffaf196cda15

          SHA256

          6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

          SHA512

          5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\TarF1D4.tmp
          Filesize

          163KB

          MD5

          9441737383d21192400eca82fda910ec

          SHA1

          725e0d606a4fc9ba44aa8ffde65bed15e65367e4

          SHA256

          bc3a6e84e41faeb57e7c21aa3b60c2a64777107009727c5b7c0ed8fe658909e5

          SHA512

          7608dd653a66cd364392a78d4711b48d1707768d36996e4d38871c6843b5714e1d7da4b4cc6db969e6000cfa182bcb74216ef6823d1063f036fc5c3413fb8dcf

          Download Submit