Overview

overview

3

Static

static

3

BINDInstall.exe

windows7-x64

1

BINDInstall.exe

windows10-2004-x64

1

Bv9ARM.ch01.html

windows7-x64

1

Bv9ARM.ch01.html

windows10-2004-x64

1

Bv9ARM.ch02.html

windows7-x64

1

Bv9ARM.ch02.html

windows10-2004-x64

1

Bv9ARM.ch03.html

windows7-x64

1

Bv9ARM.ch03.html

windows10-2004-x64

1

Bv9ARM.ch04.html

windows7-x64

1

Bv9ARM.ch04.html

windows10-2004-x64

1

Bv9ARM.ch05.html

windows7-x64

1

Bv9ARM.ch05.html

windows10-2004-x64

1

Bv9ARM.ch06.html

windows7-x64

1

Bv9ARM.ch06.html

windows10-2004-x64

1

Bv9ARM.ch07.html

windows7-x64

1

Bv9ARM.ch07.html

windows10-2004-x64

1

Bv9ARM.ch08.html

windows7-x64

1

Bv9ARM.ch08.html

windows10-2004-x64

1

Bv9ARM.ch09.html

windows7-x64

1

Bv9ARM.ch09.html

windows10-2004-x64

1

Bv9ARM.ch10.html

windows7-x64

1

Bv9ARM.ch10.html

windows10-2004-x64

1

Bv9ARM.ch11.html

windows7-x64

1

Bv9ARM.ch11.html

windows10-2004-x64

1

Bv9ARM.ch12.html

windows7-x64

1

Bv9ARM.ch12.html

windows10-2004-x64

1

Bv9ARM.ch13.html

windows7-x64

1

Bv9ARM.ch13.html

windows10-2004-x64

1

Bv9ARM.html

windows7-x64

1

Bv9ARM.html

windows10-2004-x64

1

Bv9ARM.pdf

windows7-x64

1

Bv9ARM.pdf

windows10-2004-x64

1

Analysis

  • max time kernel
    136s
  • max time network
    134s
  • platform
    windows7_x64
  • resource
    win7-20231020-en
  • resource tags

    arch:x64arch:x86image:win7-20231020-enlocale:en-usos:windows7-x64system
  • submitted
    07-11-2023 13:57

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Bv9ARM.ch08.html

  • Size

    6KB

  • MD5

    7c2a42ea39667482b5669bdacfb4dded

  • SHA1

    a968638219aa11e710e05745e8dfb32ff5c5b36b

  • SHA256

    c6e279c25d4f2dbb9e2c2640176aab202d87ea6ff67bd173e8e5690c1605ed3b

  • SHA512

    afc375c79c90a0fd2454751c9d5a839f59d069dcf5720df1e1925b1b3d034700156ab076d25bac06b5ee9af8300636dd3c57adf4421ce95aa835566712be073f

  • SSDEEP

    96:nBAvOHev4PpeVoIlNaLga+AK3f0ejiCHJUDDegXVehYeq63NedL3n21eVgonFPm5:nyvOHpglNSieSGgNcXFmWGivNW3J

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\Bv9ARM.ch08.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1908
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1908 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2240

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    db7b96f6fef58bcf10df79811ba88db4

    SHA1

    e14ec116b1b843966c5ac4ff4101b8b6716f4109

    SHA256

    16be22f786af04a85c49e18f4b5dca528ca33058257994e94f043560d8a6cc03

    SHA512

    ecc8a1332e5993436b715b0a12a7f891721d002b2fdb5e0ee22f271dc9e128841503ca4585edcab80d0840f83a5d971c4b4c1178cc7854e09984f8e8295d0b4e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e6ad5a07c75b5b7e4aed1d75e1d324d3

    SHA1

    2604c5120e12cd05244fb1427e302c65946a8d3b

    SHA256

    a34ddc3f1809e7184dca26d19cc128153ef1f24cb36dcd9858c913dc56552fdd

    SHA512

    44cdd68c54ff2368ff621c24ffe8536e6644379104cbd88c46d4969647df1870a31cd3a1f3ec85824c6b6c0b1d6b989cc93a0fd076970bc64e6866e14e5a455c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    6cff884150c3ad8866914c63b3cc9513

    SHA1

    18345917d913cf1ffa17b079a88c90434487a491

    SHA256

    9e0547f18664b9198091099f04af84fc6e7b1fd11ff58a8b5b46fac14793c855

    SHA512

    96e34ed293a156f6ea7ac3efe8d396106dfb8826634bae712db55ef1f4f46d893669400ee9bde705a636b8dfa6099e8181a7edf223d3f4f31eaf1a8d4f26d51d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e74fcf5502b786048b074eff1da64834

    SHA1

    d4ce44a8251d05cdc11f6a1d0e4dc99685800ff8

    SHA256

    9de6b5dc449f63f84bf3ac905c53d905a3a018fd35968498a3ad60c108055062

    SHA512

    dc762ae7dde039b4b596e5488afc2ded4c913e1003cd6e07d5e08528c9300d2edcd565810e6560d46733165fcc6ccc5e71afc1e68d76fd15a69ad4c7a31a575f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    2fad10b1d254b8ebf38e6fd90c88cdf4

    SHA1

    e3ca2801f3021012f418ac1223511d3d9c396a2c

    SHA256

    0ef7fef9145d20f9a5534247258323f72e3b15881bdcd0f946b6beb734622f9e

    SHA512

    bcc2b6797f7f6ea076f1b32baf1d3bd158c7705998dd9a679b54b2f1e62fa8ee923ac99c0493a18f80abdd90b6c3b4cc54461af64c7d0bb035f2474f42da5374

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    487b075a299f0a29866d5a2aebd65b62

    SHA1

    e3a8d07293e9ea90f0132b07c6c690f79fcdf0db

    SHA256

    f560e2de7f33d0235b85d0d08081960c68aeb653964b3928f0405850df99128a

    SHA512

    c1ffdffde5b6e5ee951c464f490bb25d937cae8a5f824c8790dc2ced20ac62871dec1c64ad1474852b4ffbd796eadb775309f5ec567283c37f38f0ff310d7a42

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    0a41c52c255a55e4a3762cf35d79e6b3

    SHA1

    ced2a3f5b900eec055622a137b73efa06e6e3969

    SHA256

    30dab46d50d4158d88ab533727152a6e95a2689be9c4c45e9e6d1b10b3c5776e

    SHA512

    cca2202ece44132eeb99cb55f75f7904c52c3b73a2afb3e0bdacffbbd26311d71f168c406872fbda80167259421466da78c963d3036b8265aa1ffdb5b56c78e3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    cfd9dfd3b8f46d5b54001affa20d1452

    SHA1

    e8b7358e5105027f09dc538939862e49f1b8316f

    SHA256

    bc3fb7947339b87f7b575bef22189d1d0f704f90e758f89b430171b297735b41

    SHA512

    1302e1ae65d1857e3fd53db32813d91088d8ff5d6adfc4e3190f7ebc5fe5f0386bcc33583a05ad81235c136425f5344eea906e3bcf946023fe5eff6d750c8e56

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    bb1c638773dddea62b3544d24ba8db4c

    SHA1

    0b1118d297c4958b047af143839ab7f513fcc290

    SHA256

    5dda93757d49a1820523858598135f9ddedb5f329ffc0e2dfa1883f2a99a74b9

    SHA512

    1af200744411594502aa13e982e9ba8a972b12d03df50230698fdbaea60a453d6ab03408490fa0f5381f3fbe8cdfe6ae671df14e96db5476a835ffc480d42b59

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    450f52ec2203b10d51ead0883edd65ee

    SHA1

    8593421412db50f523de146778e3da2f81438231

    SHA256

    48c24af238dfa8fa61870e123c8ee541ba41690feb3678c6a3e61f3211bf2f6f

    SHA512

    c1b00d21e412bf3f742edeb61b5dfd7e40823bca717a81c6dc6819fb3526439d5fd520938a75ce7187eeb6d53df4f01df453e6e6cbdf34be24008153911570d9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    cf7f7688e6836a7c66e983833697c2e6

    SHA1

    985b504aeb47bcbebcece64907b450cbac92c1be

    SHA256

    7178bcbcc173c8d7abc2c63c2386bf78d1a21877e1a290b9d8c1e6f417384605

    SHA512

    90758619be2955cf2e0211d6da0d02f9879dfa6add30182a20e6de32185386060da530141eb0c0a8cb97dfedeaecb67856c710885647ec4c64f6f590e79b3aa2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a01b905613dd9eb4d01145682af932a4

    SHA1

    0f38c705158c91bc331289ac5681b55c10048330

    SHA256

    75f6cd0ace69c8400bb9ecd5909d6bc82c90c4c48d0e302758632ef5db3ec19b

    SHA512

    1bcb0a60b60259c3ae64a92e5fcec459fe9cbe2d629d50921f64cb8ad4930ae9eb5e072767109c69198d780fbb2ccd4b794b70518a16b9dcee3f2947515b227d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    58cd661113ecba0ede14987c73258022

    SHA1

    8aadf99d9b9ea07ea149f2a17b3cec1a921d599b

    SHA256

    ddd56013a7aad3e0b4396589f74590f133d4a29851d86677f74d5a6adecdb231

    SHA512

    e9dd58fd9d25152a2f04ddfe26d22cf7a50bb6f1bd97210e0e4dbd47a6ddeb3201fbc9ff0a80e9d6f6a33e80e4b4afc2a2a18055819a0aa307c81dc547d33571

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    7eb543a4155e734e10def620ebd9cbff

    SHA1

    6fcbb268a72b5e5eb189d4aa2f4831a529bb8695

    SHA256

    456f95db60f32cbefa55fa14dea98724c758056e21579e75bd3f9bf4a11527b0

    SHA512

    834a85b9d044a45395be7c6f486af7112d3ea02598842edc15e7b065769637e226d6d73fc6d50dbf844cf2845dabb9ee7886c9b1e51aa78709f422e5efa6731e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    114a984ca28a5f4b0af36e36b43ff558

    SHA1

    6bdf522380a6ca09bbadceef567326e0b5a20a87

    SHA256

    035c65fa446a8c42aca0b853ee3fea806f61c6a0c509f15c2794280f4656c853

    SHA512

    d1ba36ab4fd7bdb2b883e6d2584f010874c0712afacfb861c6426c86dc32c3adea23302a3990bac00b8c677c773e567552f3111fc67d4810d8eba1caec8e4d1b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    421a20bf746dd4f3d727ead66737c506

    SHA1

    b2fee512e50671a8b8233c6e3fe8f826a2a36ac2

    SHA256

    5d37fd599cbd32106db6b2f165e538fbb96dfaa06ab34b3018e888468370e93e

    SHA512

    10e27fa253aa50c2dc7da66008fa851ca382f7ff67657965611dbac68833973d70def5c4ff545fcfaf92481c11adade3646a02ab7662ec4200bab5475ab7886e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    201e39de7671f7a03e8a0d3fd9227c27

    SHA1

    d6c4cf9cd6b104dd90b7cb3e793c80e61978af07

    SHA256

    43714c8289d28296d4c186da9b374daa40dc8d55fc4442bd58c92fcca832de6e

    SHA512

    23fe8e6fe8812bc46b1b72037259821a00dbad8fb9e8ac1d4cc250afb3ed4923456067df3378e3bf239d4c4cf3fdb67eb89ec898d1d1540cdbd4e1815215531f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    db7b96f6fef58bcf10df79811ba88db4

    SHA1

    e14ec116b1b843966c5ac4ff4101b8b6716f4109

    SHA256

    16be22f786af04a85c49e18f4b5dca528ca33058257994e94f043560d8a6cc03

    SHA512

    ecc8a1332e5993436b715b0a12a7f891721d002b2fdb5e0ee22f271dc9e128841503ca4585edcab80d0840f83a5d971c4b4c1178cc7854e09984f8e8295d0b4e

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab6385.tmp
    Filesize

    61KB

    MD5

    f3441b8572aae8801c04f3060b550443

    SHA1

    4ef0a35436125d6821831ef36c28ffaf196cda15

    SHA256

    6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

    SHA512

    5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar65BB.tmp
    Filesize

    163KB

    MD5

    9441737383d21192400eca82fda910ec

    SHA1

    725e0d606a4fc9ba44aa8ffde65bed15e65367e4

    SHA256

    bc3a6e84e41faeb57e7c21aa3b60c2a64777107009727c5b7c0ed8fe658909e5

    SHA512

    7608dd653a66cd364392a78d4711b48d1707768d36996e4d38871c6843b5714e1d7da4b4cc6db969e6000cfa182bcb74216ef6823d1063f036fc5c3413fb8dcf

    Download Submit