Overview

overview

3

Static

static

3

BINDInstall.exe

windows7-x64

1

BINDInstall.exe

windows10-2004-x64

1

Bv9ARM.ch01.html

windows7-x64

1

Bv9ARM.ch01.html

windows10-2004-x64

1

Bv9ARM.ch02.html

windows7-x64

1

Bv9ARM.ch02.html

windows10-2004-x64

1

Bv9ARM.ch03.html

windows7-x64

1

Bv9ARM.ch03.html

windows10-2004-x64

1

Bv9ARM.ch04.html

windows7-x64

1

Bv9ARM.ch04.html

windows10-2004-x64

1

Bv9ARM.ch05.html

windows7-x64

1

Bv9ARM.ch05.html

windows10-2004-x64

1

Bv9ARM.ch06.html

windows7-x64

1

Bv9ARM.ch06.html

windows10-2004-x64

1

Bv9ARM.ch07.html

windows7-x64

1

Bv9ARM.ch07.html

windows10-2004-x64

1

Bv9ARM.ch08.html

windows7-x64

1

Bv9ARM.ch08.html

windows10-2004-x64

1

Bv9ARM.ch09.html

windows7-x64

1

Bv9ARM.ch09.html

windows10-2004-x64

1

Bv9ARM.ch10.html

windows7-x64

1

Bv9ARM.ch10.html

windows10-2004-x64

1

Bv9ARM.ch11.html

windows7-x64

1

Bv9ARM.ch11.html

windows10-2004-x64

1

Bv9ARM.ch12.html

windows7-x64

1

Bv9ARM.ch12.html

windows10-2004-x64

1

Bv9ARM.ch13.html

windows7-x64

1

Bv9ARM.ch13.html

windows10-2004-x64

1

Bv9ARM.html

windows7-x64

1

Bv9ARM.html

windows10-2004-x64

1

Bv9ARM.pdf

windows7-x64

1

Bv9ARM.pdf

windows10-2004-x64

1

Analysis

  • max time kernel
    132s
  • max time network
    201s
  • platform
    windows7_x64
  • resource
    win7-20231023-en
  • resource tags

    arch:x64arch:x86image:win7-20231023-enlocale:en-usos:windows7-x64system
  • submitted
    07-11-2023 13:57

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Bv9ARM.ch11.html

  • Size

    45KB

  • MD5

    efef12c0a2ad6883a91f5216f6bdd6f8

  • SHA1

    1e73d71802209988c2e53e0927e3a02e460e26b7

  • SHA256

    9c34172df4acd5e315c4f4db447207a5879e260afd509ed15d7c438d91de295e

  • SHA512

    2e3c1f38a1ac06c3467b2b1f91eb8124596875153307735355ba0dd398a305db68f134f21388876f0f3e12997596166b1db9b2a0721ea436d2c74ce730417f97

  • SSDEEP

    768:n0OG9PmF3B2vB1XJeBWhHG03Km0fAiAwhCJ:n0Ol6nJTWCJ

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\Bv9ARM.ch11.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:3064
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:3064 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2424

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    78792eb376673fba1aca66303121c4d4

    SHA1

    89e3e7d35e3537132e495104ed5d53802a08e61d

    SHA256

    0d3fd0c58c40b4549677f3b1af93ddfa6fc9000067df4782ac25cdb7e0010d1b

    SHA512

    8c5604487be2da01af1854b4f95733f7e449cbdde9e535f26921393a610b84a33e5b6041aaad2c0002863fb3b1e4812b3a8f0c0848dec006d2a7183c7269da80

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    666a7c6322c976039cc8a2b4427aa751

    SHA1

    a0addb2866009da4044de0afd320c6fb5f67708d

    SHA256

    867cb8670086731246d143973ed2169a681d360f90918d4e679fe778caee5d15

    SHA512

    88cbab087906877ce3339cf73caded8b557eac08ce50ceb4d80e446a33354b33dbbe473bef9a26b2837aa2ab7779477f19cf5508ec05713cff3b6c9dc8a9c1eb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    88cf57ebd7dda2634ff7bcadd8fe4749

    SHA1

    d472600406bd08228db42e42bb2f8c5d7332497a

    SHA256

    bebe2c92cb558d80008b2752df13ac2f2492a893b3f28ed715ce76997c017cb7

    SHA512

    0c52af90e2414b9814a4453ec23adfc3043c8b7c64dc8ebc7acb25f29b95eb01221667dde347f64db435a282c22f58fa1b6e2be74675a4c2fe120c6ed5257e89

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    873d6b73385edc37b76c607d7ecce0fd

    SHA1

    6bd1945b4351ec75615f2898c18b900f4e3e70bd

    SHA256

    0b9455ff14c0c7b1203fc82f3a68bc450b0922c5a3a571309b688f112c162fdc

    SHA512

    a9f7588af5801edf749595f20bc461508ba4dbe78333a9aabb59fbdb2330793ac99e24ec36e12dd8af05f998d5c71bc8a350cc2373823fef9451b42955133beb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    7af41918aea189683358e5096e6bcc8d

    SHA1

    7e2a49aa1393c3c88e2ba722c570dd496c34e32e

    SHA256

    04005e107df77332643ed25a2275bea78ec974d19a2914fa220ac8254ac926f8

    SHA512

    d1a6fe9b61466a0a9bc2f54c56a31b2c2b387f273be281d782f5a06cb51888deaef08e31d362e7cf6b2d2a2daae05aa04bcd3d14c8844fd0ce0aec0a1503654f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    7ae320d083fc465eda8006c4c8a60c15

    SHA1

    dff5c484d0017cb3af8ab6d314018981d92b25a5

    SHA256

    7337b36b5fe3d778c2b032c723cfe15439b165d40c74acb2686e1ac07299bd56

    SHA512

    a4a4c2e9d2e3bbf3c58aacac4cd2a7f78326446e8dd86678b835fc24592be196fb378ad4866bbb71275e3d8e6cf25a06322c952e7f40365abe57865b8a9115eb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    4ba5c5d3ae963fc05fb2db90aa10145d

    SHA1

    aaa2f9f9a80b8142a13dfe57366ed23b6569e03f

    SHA256

    9740390cf3cf129e70f6c900fbde577c59d10e3cd8d88089c273872cd7728ef2

    SHA512

    6360852dcdfb64fbe677faf23a8007afd704d718b23a3be2868a6c438b0a28c2f51e63e43a2f5b6a97394d4e73546286e1677142d75585afa22f2024c8badccb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1bf7c2aedd7e9f6a69a5b9f56fe63a31

    SHA1

    04211fb5291d3f7db0a919b8282a9fe260587ed1

    SHA256

    a730e88b798ea3a7c799d3d4daf58b446b1735540c8656aab5321b30ab9b3c85

    SHA512

    3e6aa5918d277a7ff4a87fca29a325819c204d164a2b9303502a2c5cfbc02119c925fad0b9b173e1ea8be9438ccc0ad7d8a7ce264f6e0e9d0a41015994233c95

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    39c8c326448d88987d96a9ad23ea0321

    SHA1

    2730ebfaa4fdb22fde2854754fdb6857f8b2fad8

    SHA256

    a31bf2d102eb49aafc908ebef069ce2d0d8706cf653c80d93a6755f26c186016

    SHA512

    c417fdfea8357230804e1c1103ae92733ddab4f4172bda98d8728f4a3c36f1d6879556d5358fb96f0376370f8c2ba366c5cc97fa2699e2e3e771e5a599e1a759

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e31b39780cc8ad2987b7f5e9ff8b0ec2

    SHA1

    7b06756c9dfb77ea053a539cadc5be50151a997b

    SHA256

    46de1934b6b8c6c576013cc080e9b0b45626167b5d1fee999198eb6413c808bf

    SHA512

    f4ffc1897f8ceef9e0cf5540bb9631c398fa355603412eee994d4dd22574e4fcca380ae555d3be0118af15a46ba7e1df1d312035ed23a18bc027180aeb9aa1c7

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabB5DA.tmp
    Filesize

    61KB

    MD5

    f3441b8572aae8801c04f3060b550443

    SHA1

    4ef0a35436125d6821831ef36c28ffaf196cda15

    SHA256

    6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

    SHA512

    5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarB64B.tmp
    Filesize

    163KB

    MD5

    9441737383d21192400eca82fda910ec

    SHA1

    725e0d606a4fc9ba44aa8ffde65bed15e65367e4

    SHA256

    bc3a6e84e41faeb57e7c21aa3b60c2a64777107009727c5b7c0ed8fe658909e5

    SHA512

    7608dd653a66cd364392a78d4711b48d1707768d36996e4d38871c6843b5714e1d7da4b4cc6db969e6000cfa182bcb74216ef6823d1063f036fc5c3413fb8dcf

    Download Submit