Overview

overview

3

Static

static

3

BINDInstall.exe

windows7-x64

1

BINDInstall.exe

windows10-2004-x64

1

Bv9ARM.ch01.html

windows7-x64

1

Bv9ARM.ch01.html

windows10-2004-x64

1

Bv9ARM.ch02.html

windows7-x64

1

Bv9ARM.ch02.html

windows10-2004-x64

1

Bv9ARM.ch03.html

windows7-x64

1

Bv9ARM.ch03.html

windows10-2004-x64

1

Bv9ARM.ch04.html

windows7-x64

1

Bv9ARM.ch04.html

windows10-2004-x64

1

Bv9ARM.ch05.html

windows7-x64

1

Bv9ARM.ch05.html

windows10-2004-x64

1

Bv9ARM.ch06.html

windows7-x64

1

Bv9ARM.ch06.html

windows10-2004-x64

1

Bv9ARM.ch07.html

windows7-x64

1

Bv9ARM.ch07.html

windows10-2004-x64

1

Bv9ARM.ch08.html

windows7-x64

1

Bv9ARM.ch08.html

windows10-2004-x64

1

Bv9ARM.ch09.html

windows7-x64

1

Bv9ARM.ch09.html

windows10-2004-x64

1

Bv9ARM.ch10.html

windows7-x64

1

Bv9ARM.ch10.html

windows10-2004-x64

1

Bv9ARM.ch11.html

windows7-x64

1

Bv9ARM.ch11.html

windows10-2004-x64

1

Bv9ARM.ch12.html

windows7-x64

1

Bv9ARM.ch12.html

windows10-2004-x64

1

Bv9ARM.ch13.html

windows7-x64

1

Bv9ARM.ch13.html

windows10-2004-x64

1

Bv9ARM.html

windows7-x64

1

Bv9ARM.html

windows10-2004-x64

1

Bv9ARM.pdf

windows7-x64

1

Bv9ARM.pdf

windows10-2004-x64

1

Analysis

  • max time kernel
    132s
  • max time network
    189s
  • platform
    windows7_x64
  • resource
    win7-20231023-en
  • resource tags

    arch:x64arch:x86image:win7-20231023-enlocale:en-usos:windows7-x64system
  • submitted
    07-11-2023 13:57

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Bv9ARM.ch07.html

  • Size

    11KB

  • MD5

    b1fe3a9e3c4ad21c999f8f01a9b530fd

  • SHA1

    f2ee17efe4103143be829e997ab0e8161c383ff0

  • SHA256

    1ef93bb537d4a437b4661bc2bd0f8f2a5e6b0dd3193b1e671f4648bd0326ba04

  • SHA512

    7fa2bdbc4133dd949d0ffd935aeb9cacdb73f64dbf9954f1b8b1af156cf63d82d9759142274152afc34b1c0b6b82dd8ffe5e43eeec2753c38d15a97d7753a3e3

  • SSDEEP

    192:nyvOHbiFNSMu3e9LfOThsorqgk9hONDkrK9V/QPxWP+YCBF3J:nyvO7qYkUhsooAFDPq1J

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\Bv9ARM.ch07.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2452
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2452 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2720

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    61a015bf6acbb1b7ea39a7ccd1162b51

    SHA1

    6cbacfea9a37919e519369046cb85436d0b5b473

    SHA256

    fa78ccfe55fa869a790556e2b962ef8c2df9a793519e0cb228818bf89fe62eaa

    SHA512

    3787cab6f48ab66f263b13b29cd38e5dafb60ac7c43aa2106c55df19ae8f5f5d1e2c28a4e2da67fa6b507002a9e3a62e8f913a0108233ab3647551464a075d5f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    00b8ccac1efc3109b9131acc95460d53

    SHA1

    0d380f179697046bc343b518c57ad7416a1da719

    SHA256

    4326ad438d21ff00631e1c9a8c1c500fd3470416418b74005ad48a6a31fa3626

    SHA512

    76b969a4681fe5fd84456eeac477e4e22a1b9ec275057cb165197804e1cfe6867a554b7c1678273bb1a5ae1c73bef83fdd7297e5ce718a4eaa209040df30fff1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c3822ad44e675e5c7a4795fae19f5aca

    SHA1

    739dc49957f42277c57cee738a4324a5ec815166

    SHA256

    9d40816005cac68ff2e1e676a8214c6bbdc340cb97e2ef9e89698acffed708d1

    SHA512

    0630fb9a0bf3ada05d3017475dc38025af0fd9e6beb2ee989912169d007b0d70917355921b85bb802d1ca9cbaeed2cfc82842fd0e99df00955635387420108d4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    9aebf8281fb4f04fa38caec835ec3f6a

    SHA1

    43ffc7af6efaabe29666d34692fb4966feed0a37

    SHA256

    60eea78f93fa589c9bda48348e3be7cfdf28f9b20d5976f49641898e76d68275

    SHA512

    522a04f57293c152fc5512b82d1651afbdb4426cc1a7f00776e5b7ca353a3ba6b975a6b68c8fc849b0d766deefe6d539ec8a06b92046c2ddf317979bece8926f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    8fc791e5aa246a97494e28e4e25f0eb3

    SHA1

    121515a88a2f66e2095e6e3a2459e78b2feaa252

    SHA256

    77df9e7cb460ebb4afbd1d19e0ff2415465e2764e8a01163d012743722a890f7

    SHA512

    18b810a84a9d9000e482e7cad23e4ebe66c26ee013d2527d17df5726ab495e03d9dbfd1d9b6418dc3aad22a1fddc3f12812ce215754398842278448f8c879827

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c041e24583a767b7288d5708c6811f9a

    SHA1

    3c37fe55a859f72d8311a9b574ba03072cd1f9ff

    SHA256

    1772f1cb24a72fc3573796b3ac317a6aac1ab3138b5b43882a993984ae2090cd

    SHA512

    2d7177fb4d2a2adf243eddb093db8cb4f39de68977344057987955206460c5bb6a4be342895d49e67558f82b4c5765a2d33808a6b704a1a4aee8d299e6003593

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    4408898f6dd4d74e8523bf407c7aad28

    SHA1

    1678157d0501538036edef135de585d80021129b

    SHA256

    125c3c2bcb4502e62d9eb8fd307cf33a642cda2cf75496130a035dd3ca8bfa06

    SHA512

    08dd82bc412bc5ca6077fbc18cec098f893ece659374da01808d4f000d117cf272a9f4f5591fdf3603f4a0eaf7251c3905c98be05d320d200c08dfe1246edf2d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    09d20a178da5f7aff8a4cd32619e90a0

    SHA1

    c74943478180ca58690b3e8e7aa8c9b056c5660b

    SHA256

    1d664a7bff41302a8dc79c2304cde7fd45f0925ed6fcce5adc4d36031fe5ed26

    SHA512

    baf49626636279b445e8f579430f8517b3b3f518cd14807f1b0e6d35a3e8dd114e85c66676e13e4063b635a2b3d8d84d964f2d0a580053e9be1b4a7e6b9b49e3

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab97FE.tmp
    Filesize

    61KB

    MD5

    f3441b8572aae8801c04f3060b550443

    SHA1

    4ef0a35436125d6821831ef36c28ffaf196cda15

    SHA256

    6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

    SHA512

    5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar9821.tmp
    Filesize

    163KB

    MD5

    9441737383d21192400eca82fda910ec

    SHA1

    725e0d606a4fc9ba44aa8ffde65bed15e65367e4

    SHA256

    bc3a6e84e41faeb57e7c21aa3b60c2a64777107009727c5b7c0ed8fe658909e5

    SHA512

    7608dd653a66cd364392a78d4711b48d1707768d36996e4d38871c6843b5714e1d7da4b4cc6db969e6000cfa182bcb74216ef6823d1063f036fc5c3413fb8dcf

    Download Submit