Overview

overview

4

Static

static

4

BINDInstall.exe

windows7-x64

1

BINDInstall.exe

windows10-2004-x64

1

Bv9ARM.ch01.html

windows7-x64

1

Bv9ARM.ch01.html

windows10-2004-x64

1

Bv9ARM.ch02.html

windows7-x64

1

Bv9ARM.ch02.html

windows10-2004-x64

1

Bv9ARM.ch03.html

windows7-x64

1

Bv9ARM.ch03.html

windows10-2004-x64

1

Bv9ARM.ch04.html

windows7-x64

1

Bv9ARM.ch04.html

windows10-2004-x64

1

Bv9ARM.ch05.html

windows7-x64

1

Bv9ARM.ch05.html

windows10-2004-x64

1

Bv9ARM.ch06.html

windows7-x64

1

Bv9ARM.ch06.html

windows10-2004-x64

1

Bv9ARM.ch07.html

windows7-x64

1

Bv9ARM.ch07.html

windows10-2004-x64

1

Bv9ARM.ch08.html

windows7-x64

1

Bv9ARM.ch08.html

windows10-2004-x64

1

Bv9ARM.ch09.html

windows7-x64

1

Bv9ARM.ch09.html

windows10-2004-x64

1

Bv9ARM.ch10.html

windows7-x64

1

Bv9ARM.ch10.html

windows10-2004-x64

1

Bv9ARM.html

windows7-x64

1

Bv9ARM.html

windows10-2004-x64

1

Bv9ARM.pdf

windows7-x64

1

Bv9ARM.pdf

windows10-2004-x64

1

CHANGES.vbs

windows7-x64

1

CHANGES.vbs

windows10-2004-x64

1

HISTORY.vbs

windows7-x64

1

HISTORY.vbs

windows10-2004-x64

1

arpaname.exe

windows7-x64

arpaname.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    117s
  • max time network
    135s
  • platform
    windows7_x64
  • resource
    win7-20231020-en
  • resource tags

    arch:x64arch:x86image:win7-20231020-enlocale:en-usos:windows7-x64system
  • submitted
    07/11/2023, 13:51

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Bv9ARM.ch02.html

  • Size

    7KB

  • MD5

    7f5de7c2ba662dc44ead50e5dc837db1

  • SHA1

    ad984ec69e43a2f225b9422899dc6c2bdd439936

  • SHA256

    679ca5a9d1335c25c545a0bef68ef1a534e856e80d6564317c63bebe0e1e4f14

  • SHA512

    2237279c66289de445a08d9ac335d29431e7990857d67bfac4ea914b117164f36f44c6087ef8a2c8bbeca8e2b952e566976417c74be72af371f091ab27f55239

  • SSDEEP

    192:wyvOHJQlNSgqkDqjvJPmmGDdrvvI16qU2UOl/E5zTROnV3IuFm0:wyvOpAYjWL4His5J

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\Bv9ARM.ch02.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2484
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2484 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2652

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d8e8cbc18eb9f5af68fb5d91777d0748

    SHA1

    b7179ea43df210af42d2f23c50f84159b8959ce4

    SHA256

    9ceb02b22ca0ca9fc590515e1f2b8511743c02b188256e2dad37792ba0461233

    SHA512

    49b25ddc57e6f411abc51d67f23c6ec7651f5ec14cdb564c32a69d2ee0f686fca4ed256b6bb5885bfa623602cfb360078b2945443eb8d8cf54e13e44c49f5689

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ce730cd4277d1000c5f9d69577ee31de

    SHA1

    e8b2d9a41d0b3c9dabd1bc14f936a816e32d7904

    SHA256

    06f6c1a3b17e0d877f3da10eacdbd6953827418010e555baec5a860297fb850b

    SHA512

    6fac18dbcd3bd039ce50530353a4ada25669fafa9cbcaecdd5617d4771e54eba36c0cd33ed1b448590c9bcff131318ef6e01675f38c8dc93e22a10295f7d6efc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    6f619daa3479a1782e13de33891693b5

    SHA1

    bc249415b0f936cf9c3d93d42127664bc5d79362

    SHA256

    5fd101ef5d98af9514ab034d529310fec58ae6d9ef8e264fc5803caf368420ff

    SHA512

    09fabbf30f1b1e8aeb2de82722f83d6970a60e34e3dfeaf217d77a41a6d24e3bfd0dde76acaa11617ef166088e936926e70f35e868dd9aaa1e80a247ad98a38d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    8b9434ea270aef5da23dee11b37146b2

    SHA1

    fc8cf7b4895d1666fe0706942c6bf919aeba487c

    SHA256

    1b42117017782f006bf8e0d1acc9ba44e5f8c7723c1eb556b578c2967fe29fba

    SHA512

    a5cfba9ca69f600fc60b5d5f53a9eeff5a8463e21fd73a7207d7c7e90543329e0656e0349ded92431f7fb83bcdb7af4a2b1118a7dd0ba8022e5b22e1670c4c4f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    2faead9ed34c639b866b097e13030ab5

    SHA1

    29794f0c2a8a69e31e5b9d1d7b54fab85169fffd

    SHA256

    53e13aeb254cb034ff8b16e3034a9cf27b3b94695bd9c306fa18273b6af2f536

    SHA512

    891e6bfc7b877f10a2f5d40ac206efab38cdae39dfedbe4d172ef62572fc38ea9bff994bdb8f0526218d107ed66d805e97796a1473b8f18800264e9480ecc265

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    855326bcddbcbfb8e6b3881ec1529b31

    SHA1

    f17e34ff70f0ce128afb2be355e6f3dc991799b7

    SHA256

    9d5cda5da4bf713b555a0a651608bd5b30e802e78d405ea7058558006cda94d4

    SHA512

    7c87d8d82b39f1b9bf7e6ed64f6c473a531768e2a6e2ebecdde60b1b61bd95802c06466080f12221b0f88d51a8df2eec7e23461bfb9fc1d992586e0b085c13af

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a7aacda897c0a6eb9a0b0e327a92d014

    SHA1

    a7ca1424cb2a6a868ef64fc82ae74c638148463b

    SHA256

    0c47a59f1730b07aba5b89bfa0b9f6dd66bc2e681aa84c477fa428bfc8b63d83

    SHA512

    284b90bff65503dc20262378a5685acfc8efd22a989cd67ecbfdbbd1a4cef50dbd09808c962300066fef8da226da8730a559d68d53db9132492623b8f4342222

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e2c11181c2e4b616e28bd2e8f59ac510

    SHA1

    d10bab67bc94e8c053deec30e42ea76ee4615b42

    SHA256

    b40c9b07b075c9e8abb96a798758fd6a4feb6ebd7acbef5fa44367ace27ab5ed

    SHA512

    d9c22752eafaba7f70463b7e56c1610ac2c4ab8668066d9f58fb1778b2a2530b4127a88bda7d87a11382b72510e56e5970d594623d4ea8ff5ceff88a0d691f7f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e8c81a5cd9e4355030c7dc754b0c698f

    SHA1

    6b82e2500d2288fbcf4755e8e984a4259bf912dc

    SHA256

    d0496370e3ea9025363289b68b03d15a5ceda46d8334efdfc7303bad6c9e6c34

    SHA512

    1b6432b4b7d18973234b765a59e9d51710362baf21635972a77d843f4604fea76ba083634df86d047e4bd625bf685fa03ebbe483c7d6b15a11d69469dd775e45

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    9569d2c7170122736984bb29eb4d706d

    SHA1

    8c28f0dcc51fc2839b90921688685fa77c872bc0

    SHA256

    dfdaaeef3452b89e422b107fba66fb24f268813bf2c7ea648b3ceeb8bb611192

    SHA512

    661cccf1629024e4cda73b2eb0d528251a9189f3844ad8f09ec42a9caeae5c5861c9669fbbad39c371c34c2ad104507652bec65420aeb58ec92dbae400e48bca

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a52751f84023c8cd8e2001edc6315816

    SHA1

    2645fd8523ac876dbde2a86c94dce413f00a4b2b

    SHA256

    e109b5c7825f49ef161d5e1f0f13e981ebf12f4eae354a9e1411c6de8e5bf893

    SHA512

    439b3be29c9186d92c96af491efb540d62cb3ab0ddbb11ec153b4cfcede717cb80b8d5fd7f039c6a8df97f93ee93df591853db2691249687fab8775f49467be8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    cbd1ca00c5e1e735ab353bf40f978393

    SHA1

    0743a9bc9f503eb9d3b19f240f2d0f630829202d

    SHA256

    141950cd1d82ffef949718d7d9442b9cc4928c885a55e51c8610a82980d60557

    SHA512

    1e0b4f1b646035a2bf415930b9243025a66bafad5c6909e8102cd243db3890768c0bef407bbad402c4458275507106bd92795b9f47a6938c605a294337a36578

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a89f595c9e3424011ccc83963db6cf00

    SHA1

    fd84c0ecc92a62abea1b1adca0eba399e8add012

    SHA256

    c31868cf7a22cd0ea606a792831f4a54c2975e1a80be9f228ca5819f57932061

    SHA512

    edfc3ad54f7c8d3b4352ddb2b7a6af58db1ebcc761635d0cc878167c1feb1a01c4fc59fb7b97cf0215ed80c79b87f96ade5b9b1226353cd9319eeb4f9d41d588

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    8f8174f36896fac913b1efb1cb80a294

    SHA1

    5951e06407210644014ab4604122ccb5c138b9be

    SHA256

    673742fa31e1345d4a8fb107c49e848532585d3aafb5ad683e5af45a009d7837

    SHA512

    81e98f8ca45a722d59ddb4d1bd387265deda10e886037e7970b236f10682d8bd8b15c58bd6a18a2b70fcac5053efc853fa41e0fb3e0e57c105afa87b0d05245a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    4ce425ca459013a9236ad65ec93fcfbd

    SHA1

    fd38799a57f371b211fa7cdc1940622b05f67f5c

    SHA256

    16c91e880a11e24bde765c76390e7e98ba1121bb3ab5da773883e99889d87cf2

    SHA512

    e74f5f05d4626e6cada3cf5c185c5c6ed2592ba18ab98bcf543e1f17de12d47bb99ff59b6cd0acc4a23c625bae69282899519f1d6db2ba199f616576bb6de0dd

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    cb170c47d9061a4ddb3b9c0144521257

    SHA1

    70aabe368d68d77cd9d4cd6ff2f6e1b87bb39d2c

    SHA256

    96e19f9ed09c34cc4989e28f3c83d64142eb93bae8b736744f1ee7c00ae6afe2

    SHA512

    0daa10094ffbcdcf293a0ba8f492dea3f73219c2d7ed2a63b92baa5e06810cac53ec91c0f1d81046ee94457862791f87ee90497e10b0d3cc4b54003fd56cd595

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    dfd2b21255d30b6e18640ef8c76550d1

    SHA1

    627a2d7607a216a1d6c311467d681729fa4fa313

    SHA256

    28cbe2a1621f4eb52c6dd7c29458ac72737f2959b7a37fef1d235352a792edf5

    SHA512

    f793522d58262acd3a88c57db8559a56f8ac36c3196099473ec5aaef1031e2d0ccbffda7d7a64416ba510211aab1ee1ecd984c278dbf31192570f15b0cddce6c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    3cdec319aa438bcfa90be25daad7cad9

    SHA1

    31958a70139894a7481df8d670e64638786a33e4

    SHA256

    ab64574465ca2ce5ba402021f4cbd2a53af6ff4d9f5e91e3a63fee87af0a9167

    SHA512

    298a4038ada8d3e65d6f2b095e34c9f2eb051d47551b972e06910d31ffc8fd344604653766aa44eea8505cff3c509a937f76c84476bf127ed7db876c8dd952db

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabFF18.tmp
    Filesize

    61KB

    MD5

    f3441b8572aae8801c04f3060b550443

    SHA1

    4ef0a35436125d6821831ef36c28ffaf196cda15

    SHA256

    6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

    SHA512

    5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar1AC.tmp
    Filesize

    163KB

    MD5

    9441737383d21192400eca82fda910ec

    SHA1

    725e0d606a4fc9ba44aa8ffde65bed15e65367e4

    SHA256

    bc3a6e84e41faeb57e7c21aa3b60c2a64777107009727c5b7c0ed8fe658909e5

    SHA512

    7608dd653a66cd364392a78d4711b48d1707768d36996e4d38871c6843b5714e1d7da4b4cc6db969e6000cfa182bcb74216ef6823d1063f036fc5c3413fb8dcf

    Download Submit