Overview

overview

3

Static

static

3

BINDInstall.exe

windows7-x64

1

BINDInstall.exe

windows10-2004-x64

1

Bv9ARM.ch01.html

windows7-x64

1

Bv9ARM.ch01.html

windows10-2004-x64

1

Bv9ARM.ch02.html

windows7-x64

1

Bv9ARM.ch02.html

windows10-2004-x64

1

Bv9ARM.ch03.html

windows7-x64

1

Bv9ARM.ch03.html

windows10-2004-x64

1

Bv9ARM.ch04.html

windows7-x64

1

Bv9ARM.ch04.html

windows10-2004-x64

1

Bv9ARM.ch05.html

windows7-x64

1

Bv9ARM.ch05.html

windows10-2004-x64

1

Bv9ARM.ch06.html

windows7-x64

1

Bv9ARM.ch06.html

windows10-2004-x64

1

Bv9ARM.ch07.html

windows7-x64

1

Bv9ARM.ch07.html

windows10-2004-x64

1

Bv9ARM.ch08.html

windows7-x64

1

Bv9ARM.ch08.html

windows10-2004-x64

1

Bv9ARM.ch09.html

windows7-x64

1

Bv9ARM.ch09.html

windows10-2004-x64

1

Bv9ARM.ch10.html

windows7-x64

1

Bv9ARM.ch10.html

windows10-2004-x64

1

Bv9ARM.ch11.html

windows7-x64

1

Bv9ARM.ch11.html

windows10-2004-x64

1

Bv9ARM.ch12.html

windows7-x64

1

Bv9ARM.ch12.html

windows10-2004-x64

1

Bv9ARM.ch13.html

windows7-x64

1

Bv9ARM.ch13.html

windows10-2004-x64

1

Bv9ARM.html

windows7-x64

1

Bv9ARM.html

windows10-2004-x64

1

Bv9ARM.pdf

windows7-x64

1

Bv9ARM.pdf

windows10-2004-x64

1

Analysis

  • max time kernel
    135s
  • max time network
    140s
  • platform
    windows7_x64
  • resource
    win7-20231020-en
  • resource tags

    arch:x64arch:x86image:win7-20231020-enlocale:en-usos:windows7-x64system
  • submitted
    07-11-2023 13:57

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Bv9ARM.ch12.html

  • Size

    20KB

  • MD5

    c05fe4d2529bdac90f71a51a84596f8a

  • SHA1

    aa16db56942df9d72554d5b1d93d81664443eb63

  • SHA256

    43886aee7a4deda5f3b942de8a8ad0daef5c2d70160faa940041fb270068c8ca

  • SHA512

    3c7bbc2d70f818b3df000b00c023e7ee665dd7cf99f32cb3fd3354f980ad2278b7058c6a36320186b47d57e6bbc7469e99f191b0785e247033814a2332ec4004

  • SSDEEP

    384:nyvOMbY/iAQJWovWwX7eQQbKcPOvcqcgyQdv1fYSGhJUMu/kHQmJ:n0OkAkWqWwX7UEcqcrQdvJYS1Mu/kHVJ

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\Bv9ARM.ch12.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2836
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2836 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2220

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    4338601eaf685848e0dd42e747f1762b

    SHA1

    a52ffb8058e38d7aedd9de41d73bc07b564ba7c9

    SHA256

    2d4498eda3ac42c4f6d7f0b77e8b3fda32f867b92fb6f047343bc231bb170dde

    SHA512

    75af97d72932e2b76b9691e8d234eff660381d3ed78204ed9784cd0eea6882c6a26e0709dac3a7ee4e1d6c08d098f97adca3f7a64795cf004e96a906a8ae606c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    177e0395963eac1f7f3d27f1c265c036

    SHA1

    a9f1486fc992240172f05bfb963f71dd1937f4e9

    SHA256

    b9dd52af7c19a76da1d34d5290139cbb01696964934bf0df90bb7b1e4b03d503

    SHA512

    01da59518aac69abd47657aff8fd8e551fa5cb4a711814057f36a6dcb9c56545b978de9d11b2f503cd14444cb9700090f34ed4586b59d758f6f5badb490bb098

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b31b926de734aa36d345e0b6b90fc5b1

    SHA1

    455a2831256c0747cf2ffa38e38909fa996a3531

    SHA256

    925a128ebaaec576a31a9aaf4c748d455b94948de06d81afe43fba411ce94288

    SHA512

    117cff928559ca5b3c862a2802e416337331990fd94b7bb91316086b1e5f74a651c66d800700e6723ede97148e1b8689f3975c3f67583d3489168798ef7cd644

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    81a1d8672a16177483c8c8c29113927f

    SHA1

    e1a4ae0a7aa7ad0911b78d4d37312dd4bc817a4b

    SHA256

    60730dbc478d5c3d3784e2ba8036868a7941a5fb5aca5c2159da65899f89ef07

    SHA512

    ad5b2120eb447eadbc244d4c1d18ef023fca6a0d364d24e4d12b7e72872d6a6aa45c446e0a5a2f0ab9dcbff359ab28fc6e7422749ec4363c66d0ab2bea645aa3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    48df1589e93a69d814797e8dfba60b60

    SHA1

    56dc7fd81ed681c8c13a245a18925570caa34507

    SHA256

    59bafd32bf0dbabf9aecbbe3a2d79372801228c98e01cbbbe9b5e341a22ce475

    SHA512

    a31963e4788fe4082ebccc658f2c452000418be63896747f4b28e30e864b0a51313b566347bda0deb53a6198cbefc6b56f07d72287f48078bf7d5d7a0b6ba5ee

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    7f1afc83b91250228f7cccdc61a61911

    SHA1

    61f3e214787fa1ec9c1e6fbef9b7cbea8327a6b2

    SHA256

    8d72d23b0ff85265418a76464e869d11379eeb92fd3455bde69e2e08d58874dc

    SHA512

    2a9b4d7ade72e164aa2eae0b7d20f728d763a679688d91f7300e0cf965747291297d809179df9435136db0e7452e8a6056309be68b4235c9ea81f15437358cad

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    4a822ca44e107302c0f29cb7e72ecde4

    SHA1

    f33cc990f622d7f3571a074e8c41bb61e162c431

    SHA256

    12e4de16659bb1261028df951b4e4785b370725683c7216ce7d24f8975e7669b

    SHA512

    05e9f20d0473d35c1a21e29db3e76594716f04fa987d33f94211bf24b019d6921adc80fa21a293441140a5139eedd2acb99da04a80181fa506b9d8fc44d4a3b0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    254dff0546795d898c3879f61d21107c

    SHA1

    dd3dd7caeca2db35c68d2ca6fd9e6cdb6ffeba13

    SHA256

    c19b906cc8fc5c5a1ebfe45e41560d28ee31e0bece93c0bc1a446c8e4d68f2af

    SHA512

    d4b1c0bf2cd7a504d45c96c00eb19591d959e55951b7a77ee4178186236200bcbd842cf6f7d80c6a143e905bee057dff272c25d78b4a40197abe7ee6714c53fc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f7e85abb55b173fb9f87553c9376ba84

    SHA1

    7ec560e65943a904efd5d05df080be1836df7b5b

    SHA256

    5295d310a40fb412001f23e2863e86b16d93ea6933fff9c38143e83fc30910ba

    SHA512

    cba892a89a8b84a5529c3a8c958bf0732fb1e156c4266d626092e2f29f10115670d20d54267e46d147c0a35df16be03b0668e6baeddda095bad0706ae5b566d3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    72fb8947928d7b72e5b598437d161c68

    SHA1

    eb54c69acb8286372f0be36056e9d60906672bec

    SHA256

    53ede8015a25affc98f649b052fa5086bcc0890df5490357c27a9f97bb4147b8

    SHA512

    13a957124a4f5bf16462a0ef332b2cbd94b2affd202fd10fe8a92bc32362bfe54edf9d28f3e2e1a64a3200249de5f7b5ba00532bfba1632b782267986fe47bd7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    6c5252e6a18d739501c1c7a45f443879

    SHA1

    396efb68b176b8554d618a70bbb7567bda7841c4

    SHA256

    1294d8f925d97c0b0f316a0b8eb1d68a05b521892bedc2bc3d9ba0a94b4be29e

    SHA512

    b708347b3f7c476f46978b79e8d55bc1778e933306dc09dd7469c84e7de5cc8f32ff54d4bb2fa8cd2e05ce92c14f8e0e4b483190b3a122994db143ff097659b2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c41dfd4ec82503a7ba3d533a4bf7a677

    SHA1

    220f48f2100de7b4ff48c3744d81d9d6907e5493

    SHA256

    ad576039f5dc91167e5cecc6f1e4f73083365834f0bdac0e9a8c503d9fdb96ca

    SHA512

    e8ce55e93e208ea7202c79c44ea2fd2c4f3b31ebca7afa62b2eadd57b16fbeceb3497552f884c276fb748df8a4321e8e7e1b49bb6802afd6101f2440f934c7f8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    849aa4129a62a5b376166aacd1966c3c

    SHA1

    f71e9848aa9791e578d521b3fb69f3a0c00852c6

    SHA256

    81285cf08312a169a920c43d8d41ea94281a351b9c616912ac322b9e0b6f6c0b

    SHA512

    e7a98640fe4cc20c47339d93799966b1f2138732978d42eb8250033bce00a4ea86ac5e0bbbc9064b60bd1fce5ff71afd9d86c077ae79d1d00135d5171ce32188

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    41082de10a1626d3b2b36be54f068c87

    SHA1

    325a33d10fcbd3268ff5801260fc241ad402d8cf

    SHA256

    4d5bc44ecbed5a83e764046a1b472e838a441ce15736b17e51caaa8141e30f77

    SHA512

    19f548585aa3e3ff96eadd2326993ef1749356eb7dc9df177c910628078bf58211d35e013f9d6f1c364373527485c8f351e425f52a9dbc2f9a73556ed2eba805

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    721983cf8e440efba3c9354e8c31b32c

    SHA1

    eeb4d6da51d067b125563acf35a6013138cf0b99

    SHA256

    9def6ed40e2462c9911a968a30255e8464c4759ec1ca0e85feda4924515d0885

    SHA512

    55349348fcf0580834f150a1aa0a40438f9f75e13a9ada958b7cefd4337ffb529ed310951d2e9952f30cbe29f22e9f8168f8f4a244d1a49d396f0c829e3a16b6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    fb680a7c0407723c432b684dc1fb78f8

    SHA1

    4c1dc1b55831ea0b87cc08ae31b6eb968dcb6523

    SHA256

    9f684f8858fddb6f67e5a85323f34f19d876c03551d895f773b15c1e4b65f7fb

    SHA512

    d75211d7c9e26caaab056fa12ddebc5aa5d057703eaf387472c6fa722355986c9a2e68c0e61012f24871453acdca1a12824d36efac104c2d3ecf6ae1ed8fb32f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    5e41692b9c28d51709eaf27b32af5bd3

    SHA1

    71ad73b46aa226bf395f3bee1028510c7c9bb6eb

    SHA256

    e2aa6e0532d195666b06e66653134d502ec3436f3fd211ac50c8de1caff0fed5

    SHA512

    e03d359d30f4ee51530b910e6a94ec264b97f20ea84cc08678d64d27b86fef573b75645123be87645b9a101bffb40dd0ed4e7ce09132341454eca1b94c1ae6ae

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    48150b8e06382d0d53fed8e0ad6cb833

    SHA1

    a82fbabdaa5811dd82f3fabc4c2e7c51708f8097

    SHA256

    b85e13b2b56ed2bb57f602a2d0bde3ad49f8808c6486e28acbd8704b2bac34af

    SHA512

    fba6e0c96b2bd4de403899e163a3c06f0ecd825c051ece1c7927265f7fa1f1f623b326bc13c218ceef36c61a62b81d5a9e28795991cff30802cd66bdd30a7bfa

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    2a9811f31d91a28b5c9b3c8fe8128fd9

    SHA1

    5e9d620ef6b0f20cca030f5e31fd258474499475

    SHA256

    847dcc138d945cd039b7a1e3b60064a24ae15cb15f7017f141d5fe877c91f10c

    SHA512

    cc494924ff918bd9a2fabda6f28bd1291e91ce25c23c50e9956fed8deff08e22ea200c87376c3d2d843511feddf2f3509c7d20c4c68d838aad12295c9ee89a04

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab7810.tmp
    Filesize

    61KB

    MD5

    f3441b8572aae8801c04f3060b550443

    SHA1

    4ef0a35436125d6821831ef36c28ffaf196cda15

    SHA256

    6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

    SHA512

    5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar7890.tmp
    Filesize

    163KB

    MD5

    9441737383d21192400eca82fda910ec

    SHA1

    725e0d606a4fc9ba44aa8ffde65bed15e65367e4

    SHA256

    bc3a6e84e41faeb57e7c21aa3b60c2a64777107009727c5b7c0ed8fe658909e5

    SHA512

    7608dd653a66cd364392a78d4711b48d1707768d36996e4d38871c6843b5714e1d7da4b4cc6db969e6000cfa182bcb74216ef6823d1063f036fc5c3413fb8dcf

    Download Submit