Overview

overview

4

Static

static

4

BINDInstall.exe

windows7-x64

1

BINDInstall.exe

windows10-2004-x64

1

Bv9ARM.ch01.html

windows7-x64

1

Bv9ARM.ch01.html

windows10-2004-x64

1

Bv9ARM.ch02.html

windows7-x64

1

Bv9ARM.ch02.html

windows10-2004-x64

1

Bv9ARM.ch03.html

windows7-x64

1

Bv9ARM.ch03.html

windows10-2004-x64

1

Bv9ARM.ch04.html

windows7-x64

1

Bv9ARM.ch04.html

windows10-2004-x64

1

Bv9ARM.ch05.html

windows7-x64

1

Bv9ARM.ch05.html

windows10-2004-x64

1

Bv9ARM.ch06.html

windows7-x64

1

Bv9ARM.ch06.html

windows10-2004-x64

1

Bv9ARM.ch07.html

windows7-x64

1

Bv9ARM.ch07.html

windows10-2004-x64

1

Bv9ARM.ch08.html

windows7-x64

1

Bv9ARM.ch08.html

windows10-2004-x64

1

Bv9ARM.ch09.html

windows7-x64

1

Bv9ARM.ch09.html

windows10-2004-x64

1

Bv9ARM.ch10.html

windows7-x64

1

Bv9ARM.ch10.html

windows10-2004-x64

1

Bv9ARM.html

windows7-x64

1

Bv9ARM.html

windows10-2004-x64

1

Bv9ARM.pdf

windows7-x64

1

Bv9ARM.pdf

windows10-2004-x64

1

CHANGES.vbs

windows7-x64

1

CHANGES.vbs

windows10-2004-x64

1

HISTORY.vbs

windows7-x64

1

HISTORY.vbs

windows10-2004-x64

1

arpaname.exe

windows7-x64

arpaname.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    120s
  • max time network
    166s
  • platform
    windows7_x64
  • resource
    win7-20231023-en
  • resource tags

    arch:x64arch:x86image:win7-20231023-enlocale:en-usos:windows7-x64system
  • submitted
    07/11/2023, 13:51

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Bv9ARM.ch03.html

  • Size

    45KB

  • MD5

    c75c8546ee99fe96485831eccbf63df6

  • SHA1

    3e0bb82f3c87bf5abda0cdd1a344b192bf472f1a

  • SHA256

    d1b0fcbc1f283c4a72702b51fd71bf492b3878b39f7020bd24a699d0970c7753

  • SHA512

    633ed24e2a84ff3b3e6a86ad385e4981e34751c49c1aaa4d3c8a4bd6ab4aa508b3518b73cfb080d425ddf97b93d734a984e6784aa94f4cc4795c7f8a12328a36

  • SSDEEP

    384:wyvOtdYSf/tRfhPxLIbdjSO7vzpkjLTq7af8GevMfMCDg7FIR8A4q/h+58zbYG7a:w0OTtfxUbdjxvijhf8Ge0EKgSpsURCn

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\Bv9ARM.ch03.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1728
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1728 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2704

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    3eece82c184068dcc8e51cb931f6cc4a

    SHA1

    81caf13a26384eade3bba4e54d447171b357f917

    SHA256

    d1be91d5e2b480413103328739728a437f81a9172f45f1cdeb3e09018578f56a

    SHA512

    b7637fb63269749fda0ad21da0d662f4d3c941002dc5393eeb5ff8b3e00b617f1b35fee04c7263b18c47f54fe5c7d1cdee02e44c55d06e49e1a3b9720a4ae9fb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    aca38d0252bf1dfb3e56b1e71fac2caa

    SHA1

    aa42e0f91bc1e0b4b6ada676334beece9c6dcb60

    SHA256

    e30c40f7a4f650975c1b20e3d85825922223927d4aec8f60c948d7dde3363e2d

    SHA512

    921c705e5a9624c4f067c5083685efad9c8f3d1aa51eb5403339a6ce64910f43c0c2ffa4d560d710d8e5b26a6ec1dad7c8237d003372bb5920644870d03d6ede

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    bbd3048e81662a7ef8ae0fe744fab3a5

    SHA1

    16064c95b284f2f08a2f05c68c8bcf12f18d4339

    SHA256

    f4e46201d701346cd64af69cfe7e3585b108572b4278a53a6c205549f12c1384

    SHA512

    0101292302a938a0a17becd5da2e6b7179cff917e6fc2195ce7251b92c4afb45e6df4f677cb5f899dfe81712e4d95ec591cb43da03a75d10d0d442a58d7efb52

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    873c10856bb55626c2553dee2ced0d30

    SHA1

    377d6201c61600e12f2b1d912d8eb2ebbcb0712f

    SHA256

    70fb618935c99321745d29d8a2a4f32199ff8023598ae944e4d2c4489b6b225c

    SHA512

    ea4b682b63f3a5af38c6f34cf7407a56c9faef8d91bc20dd9f15100061a014c418b1c8da9a87af7140000610088888dcc48702b9b866aa84b24b75b7085ffe27

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    fb76db2bb73da94dfff705727b6bf020

    SHA1

    d1381034951302496de4f069bbc9bc7ff061d405

    SHA256

    3b2e4c735388d1c014669daa44788df5c5f3eb741797a25d29b27d0e4f8ca6f3

    SHA512

    84f50b5051c2ba0d28411a7b7fde987a83b9a3f3da79fbbcd4ddbd4dc95e35b5c2e7c5fed5672d753e7e305e66f0b06b1cd96a543b44718dc0d73eeabe559ca7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    61cd46435741e0f1f09bf34ceca61752

    SHA1

    ce68a6e908892a39dd7be0fa6dab172fb4af3531

    SHA256

    d62ee95cd2b7e6f2f9037428eccb6025e8731069f69c7ee7a590395b26e9222a

    SHA512

    7ad2e145360aadac47253616a56755c22d51776e1459df5261568d113b1d5c752afc2aaed763e8d531ebdee56bf814b0f572894cd429bb73c9f7a79e70828614

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    9bc73bc668c861ce1beb610b16a7f1c6

    SHA1

    8eaf1f17c3b9cf17ebf73f9f9f3ce4889d14f786

    SHA256

    ea029d8da6759ce48fc83965b9083912953a72c12ce7e6e6779cd61bc94402dd

    SHA512

    8fc3410bd3acee61025cac7926b4f68ac50b1821d6f72786599b5e2b867bc8f904833aee82a16b3e3f0b13e946967e671fa93edcfb74fd2dea205f3cd28e36a3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    8531727ca99159f4fa56b974efa75aa3

    SHA1

    9748d6308b0cd36678576d5e1bdf6dad953c8a8b

    SHA256

    a3f88c52c184859fa2694702592133c8ea920c263bc171eb884f041db21dc1fa

    SHA512

    ea481b39d539cd030c540ae90c313c12642ad195619f84200c423ab9ff4a8542afcfdc38c7e76cfedf5408da979a86e365908bdab546770d43731a9ec9ebb60c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    2c51c1da9cf96b5aae5067e1aeae9d97

    SHA1

    26be776d5eb37fc60e2bcb28b89de1325333a8c2

    SHA256

    df5901a06b36b780acd708262e6cc560c7b03610bc2c1aef32bbf90253464caa

    SHA512

    2fc74e58d3ddd7384d146beaee7d31b468c5f688a34741b5ca236cfa30b0cdaff58ae5760fd689e883bf2cdba451d43db6831a9181828ecc71b996c8ec2f7d70

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    55ab486cf4bcbf290eacbedc67ed2a8e

    SHA1

    f9eac7a754020fcbe0824e5a80e8dc1f7dfa1632

    SHA256

    5c981839d698d6a565febd9cdd0b9d63add4e4edd782622d154f0299d915f259

    SHA512

    521945bffa7cbf520150d7a3631aad9534db425f63139f8bfd5a8ae5c99bd1f43cd5617f6998440b8034cd28dffbd8011304e2c18a1dc8a6187682588fee80ae

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e4f1a6de4be2be74e8a30d1a89620104

    SHA1

    7c6e2131fa14334ea7b48189af50e02ca6058141

    SHA256

    e7d90ce6ecfe4d0fceb9668eebcc7178286a88b0ccd3b17e21b0072a7fd3e4cb

    SHA512

    65fcbf6a57dbd99ded1ee0dc6e76e60b6951aca1fa75f7e92768b30df6e0cc8ed2e8872f7a968576d3bb9c1e45005cace5e2fee946dcd5f9c2461f022c900288

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    7ac18b507e22f70f22582ae4fc207352

    SHA1

    a36f7c8935635eb9f8fb553eec8ac680cb65bb1b

    SHA256

    a0e926ad256d17d5df4b895a638c7c7324ffcc8bbce72d740ceebcf3269fb2ed

    SHA512

    947887c5e68917f8f417c8f3316cbd9b0631a235994ae738fd5d71bedcf8fee7b6ce154eafa3cc89cc4f998225c40f95d14ac34094b79ef3fa35ea19d881ab80

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c0ba5a824fec11b668bb9a24f16dfa39

    SHA1

    a6f9cdaab0f52e69ac3e37e725f98b6db0cd4b20

    SHA256

    5b3d6d949e45c2c07b701ca6321536272f4ca5185a5d511f2d5f8636f6229132

    SHA512

    7b14d4f2e2e05eef0a0c9618c3f056b5b10c06f07d3d1170641b389e356937c6c4e0ea88fdcab5a9031426c1195f17319f2daf7937a393eee4d7121cf635aa18

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ef25b6f94a50be80135978e612c5ab70

    SHA1

    585979af3e654638d45e5cfc4d6d23987bb5acc6

    SHA256

    7a1041d7f453294aef3efb90a57bb2424978608ecd0e9b8158a341c277fbd3ad

    SHA512

    10ead97d844489c5e144531551a3a1f66ac0dca330e84f76fccfe3739db2707a289aa842b967f5eb508d4905bb00504163656fef60cbfed14dd1d0afcf5f6ebc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    2066cf6a8dc25b380d27dce95aada7d8

    SHA1

    50520bcc04902b81f91194b99c74ccaa09580260

    SHA256

    08848f21a832fef9d91ef3ffcc1751d11050c1fb0322e10dc4d7a43e2e569022

    SHA512

    2e24b152cf901303a32639a54aa3b15c4f0138684898039d482c32ea1963827a553e9328933128a6d35ccbd2f2aa5f85fd7d16d0edd58527f5110f3a6283c0f9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1528aca798af8d2b7e9588291b8afed6

    SHA1

    0ef54c5b644879d5ccfbf326f0c07a4d6ceb875f

    SHA256

    6c1effc72dc7f90a98314bd3380375f1fe07c57e3bb0ca6ac2c6dc2bfe3e1846

    SHA512

    73e5bd90a44464c6c5464c47231220e963256a4839d95e7b188f59fe6a42758b308ead26ec1a15ba163bc9d85ab6da41158812ba798fd93d1966eb7fb5daa2cb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f649626d4b33dca9d4cbdc1147b082e3

    SHA1

    5de320f30c65d123f386400d94530eeeb3aabdbd

    SHA256

    caf8fc70cbc7e9e42fe57f1dd53c32c569ba550396fb2a42f262c014aa2a74ad

    SHA512

    c7cce6d733ebcf97b68607c86bb2986df1d1950e62fb803b8053ba4ed7c14a2c4afd113a8a5de8db071c176ef66f67a56ee091bf478b55868a2a4fd6200c9646

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    7c97c932af6ccf6d20d27f38135ca77a

    SHA1

    f7be67646096f05fab1ca83da66268b0049e5fa7

    SHA256

    f117f1cedea87b1f696d75332e75a4db769b0a686c1be8f2f2398ac58a73be56

    SHA512

    49fe492bc080acf3f1a7167d563380dd5c8e9b7b5b66e9401fd3270063813a556ee10fee0c8192570ed3d1c7f41e73c8e5a756692a701a8583bd73145a52bc4f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c36f18cdc3893456a3a36b7c2621a026

    SHA1

    4d8ef71e6952f87ee1a8ce035327b68b5e372041

    SHA256

    556d3b5753dd1ae46a76f87ef27edd8ae5f117a91af82b9a035d4b9e1fa3923f

    SHA512

    4ed205d24d5fb07cb9f2ab7409da78e7047a4f3e7dbe29a2cf41fd40e08afe39b46cbac1abf91e8dbfe678e15ecfc4b1d0143af2d7cd88c9ef69fb64d585e112

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabE10F.tmp
    Filesize

    61KB

    MD5

    f3441b8572aae8801c04f3060b550443

    SHA1

    4ef0a35436125d6821831ef36c28ffaf196cda15

    SHA256

    6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

    SHA512

    5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarE17F.tmp
    Filesize

    163KB

    MD5

    9441737383d21192400eca82fda910ec

    SHA1

    725e0d606a4fc9ba44aa8ffde65bed15e65367e4

    SHA256

    bc3a6e84e41faeb57e7c21aa3b60c2a64777107009727c5b7c0ed8fe658909e5

    SHA512

    7608dd653a66cd364392a78d4711b48d1707768d36996e4d38871c6843b5714e1d7da4b4cc6db969e6000cfa182bcb74216ef6823d1063f036fc5c3413fb8dcf

    Download Submit