Overview

overview

3

Static

static

3

BINDInstall.exe

windows7-x64

1

BINDInstall.exe

windows10-2004-x64

1

Bv9ARM.ch01.html

windows7-x64

1

Bv9ARM.ch01.html

windows10-2004-x64

1

Bv9ARM.ch02.html

windows7-x64

1

Bv9ARM.ch02.html

windows10-2004-x64

1

Bv9ARM.ch03.html

windows7-x64

1

Bv9ARM.ch03.html

windows10-2004-x64

1

Bv9ARM.ch04.html

windows7-x64

1

Bv9ARM.ch04.html

windows10-2004-x64

1

Bv9ARM.ch05.html

windows7-x64

1

Bv9ARM.ch05.html

windows10-2004-x64

1

Bv9ARM.ch06.html

windows7-x64

1

Bv9ARM.ch06.html

windows10-2004-x64

1

Bv9ARM.ch07.html

windows7-x64

1

Bv9ARM.ch07.html

windows10-2004-x64

1

Bv9ARM.ch08.html

windows7-x64

1

Bv9ARM.ch08.html

windows10-2004-x64

1

Bv9ARM.ch09.html

windows7-x64

1

Bv9ARM.ch09.html

windows10-2004-x64

1

Bv9ARM.ch10.html

windows7-x64

1

Bv9ARM.ch10.html

windows10-2004-x64

1

Bv9ARM.ch11.html

windows7-x64

1

Bv9ARM.ch11.html

windows10-2004-x64

1

Bv9ARM.ch12.html

windows7-x64

1

Bv9ARM.ch12.html

windows10-2004-x64

1

Bv9ARM.ch13.html

windows7-x64

1

Bv9ARM.ch13.html

windows10-2004-x64

1

Bv9ARM.html

windows7-x64

1

Bv9ARM.html

windows10-2004-x64

1

Bv9ARM.pdf

windows7-x64

1

Bv9ARM.pdf

windows10-2004-x64

1

Analysis

  • max time kernel
    137s
  • max time network
    151s
  • platform
    windows7_x64
  • resource
    win7-20231023-en
  • resource tags

    arch:x64arch:x86image:win7-20231023-enlocale:en-usos:windows7-x64system
  • submitted
    07/11/2023, 13:41

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Bv9ARM.ch08.html

  • Size

    6KB

  • MD5

    a9b507788cdbd1c9a4e80fcf25a9f3a5

  • SHA1

    bcbc71502c3289ecf5e0a0cde4eb1cf755c4d117

  • SHA256

    ee2f934ad3dd6ad791f8ef7caaa4ad538102e0bb3fb22eb08dc670f7b14d65ef

  • SHA512

    d4401abccd05a04c1d350afa426b25a60a090406305aab6973e285a0463df63bb84798726ce204be32ca8ac2de91f89fc884341055faff5144f5e35ee48b44a0

  • SSDEEP

    96:tBAvOHex4PpeVoIlNaLga+AK3f0ejiCHJUDJegXLe5IeqK3NedL/t2XetgonFPmA:tyvOHDglNSieoWQN+XFmGGivNW3Y

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\Bv9ARM.ch08.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1940
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1940 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1724

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    19f4ba88f45d4b5524af303132032c44

    SHA1

    34ec2ad5236842b5f377abb331930b00e8104e2c

    SHA256

    e3d1509046076fe3d6327b3c70338bf7b3712f8956cfeee9e9ffe4ceadc12f83

    SHA512

    e70081f189d37a2c259c0dc144ad9e010457ea0e7575e5b0d207601050474315071db318eddf93b57d423e9b5073c8434cea72b9155854c6ffa23816b144d83f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    4d0bf61a491892e776738580d860dc0f

    SHA1

    05cc66f608cffdaa1214475b5ae38ccc727931bb

    SHA256

    434019f46551d12acbfa350f77609b7f0b5ba3b9a296e05e882c6df71480709b

    SHA512

    5c427bc868cc7f480b75c4818155bb21d0e06862cdcc704a717c526ec5ddc7dc0ede926bc5a33f579cc7aeab14eb0b7d3a93657154774eb5760e14be2f3ed876

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    3e4ddfaa16d0d28ef713043feee3272b

    SHA1

    41b85be7195b0f19007c335e2a0c9db7af587647

    SHA256

    47556d716a6a267f8007dde445e3bbe5dc592fa55df42460e24aed462841f952

    SHA512

    0c905d9f2e8a2bec9b6cb4493c9554aa9aabe9084e25ef008300345e06da49e7b682c6075040658102015fae2000cdb7075e592deaef0a0acff3bd3ecb114167

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    95f81417d31223d2cede5e18e4ba72a4

    SHA1

    ce1588e2b06bfde334ab26186316dd7cd0e7a0ad

    SHA256

    a785c6677f3999a32152cc1834110e1fb2d83cb7f3e3061b7aef8bbc8388da15

    SHA512

    a856572583c0a60d449f4d5b6e3158d96bc8dd8131c6d6f4b152f660a882756464eb538a262f1ffa6ebce1b906c6fa7bd2675c0a48c0de6dd56052c5ccc2bfad

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1a62aa90d566e28163d91c56d404674a

    SHA1

    905068c75ef1994193203ff92e8d4be86cdf904b

    SHA256

    24a9f4f179dd80a9f46a7290722d954f41a78e0760ce6b40e4bd97982a6c6451

    SHA512

    64585aa13a2ab7ae1866e9195cd0d9f4e6b89fc1df70a873a6a5835e20bc6cd6a2abaeb64e3b29a14c5585a2182f76f98541586990ee29c1514986b589a11528

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e10d8ddaa21b2970878c9dc41f39cd7f

    SHA1

    2478f0fd5c8aeb423a5d27c011d88f12e8a370e9

    SHA256

    95df31eddeb35ffc3ed7284e6e75d76b46992ed9967ce3962fcd532bccd8ed48

    SHA512

    784d670470db89ac0f631717c03647d64b850b163671a4c7ee20e8105e11c5dc3f6ab525159c4872d040195d599a483e4a5c9b975b4d24bf7acf90a67d5a35cf

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    6c2a3fe338f93b9885d9d126fa40d3b7

    SHA1

    e6af48123e5989f7cfa37f1d6e3b7449ab0ecb88

    SHA256

    c887c9ecdb5b250ff77690b077f97e305157e76dc1394e11c6307eac17949689

    SHA512

    bbaf540e50ced92044d3e417d902a9c2b6d66b51d5a63e6be6f882b326ddde58cbfd439e93891e15686dcc63c3891dd6242809e97a2371f639eb2801200211aa

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    3c1aa08f17c0806c0bc73bbb6e1f0fc8

    SHA1

    f69bd751bda87c103e327558318bd3557e56c8cd

    SHA256

    4981c5e2197539c32147f1eadd76afe7e84ddf395d85e9e83191936139351c86

    SHA512

    656a15f83ca29689b835c0cac4e63035cc60d6ee3d14830aaec09dd360ab4da4ea4f3198b7132536c710204a81ec6d84b8081f6c7c41a6af4c16132d0a5d27a2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    615c0f3d3bdd408f9a54a68898257049

    SHA1

    13c7e8e68ec2fd122f613dec1c4e5389e983a79f

    SHA256

    be053e4ceef88824c082e8ab8f05b45079c231ca6fb2c71c37a024c4ab03829f

    SHA512

    ce009555cae506ff6c4b32c5e854ce3f7ff889a2b3279f9b260db5484efbc2896e38012cc68ac5d164d3bfd81ebeee64fbaa4ab35aeb141bdae1af45db670606

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ab5dea8647970ed05a572ea6c4334bd3

    SHA1

    659e55a96e0465c6ab6063b633b3d0bafac17059

    SHA256

    af1c8cb9cee977e217261589502cc400937d82e99ba1d8578012cc7cd2cf6620

    SHA512

    43c1be4ac7aed29c12ed392cd1afd0cef171c63bfcfe581ba08d891e98c63f58c7b4683deb0785c1c4645d3b04fffd7336e99b01447e356d3765b6050eeb93f5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    af9fd7a71574abcecf914c29bd8bc62f

    SHA1

    5ecb889a887b569946925df0eee2f991b569d853

    SHA256

    c4e191ed87aeb17ad0585f02c235397c734b7f90c3ebbf8ae6ba01010a20ab42

    SHA512

    0ca5454fb83c1e74971885948760b7a556c3ae79e063096f33e3781f30e34b6546a0ea900eb42852bb4eb1a30d7f344447686a139095764155da2c03da184956

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ec6a46652ac073d42b41cf1b92f5df04

    SHA1

    1e29ad28b28937224257d773c651568330cd7fbd

    SHA256

    1553b1b251a38040cb8329d73a772ab2bfe6d1d743fef38fc99429b950abd9de

    SHA512

    806dd5c13e6138c2f1a8db36600afe56f0624c057714c05bb7c0cffb01313de994a11f45a8ec05fac4708325642df660ecc73b8413431954c0a4d3a5ad91779d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    984d5ea017242edeb8ca9f3b50eb59d3

    SHA1

    4be1e7b23716d59727d324d7adc1a10e55573267

    SHA256

    0b6ac77696c83fba196c087de31af62e0d60157b185c470b5c806199429797d2

    SHA512

    9df3a0d0579083c7798dcbdfed9f85fff2c84e62e8b71e02f6817bb3dedce77a2fa2ce3e4c612a9426f9f555f88e9366354ac5013dd495d52da396880b20e748

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    4c3980ccd6c62fbe4c9a627271753777

    SHA1

    c9d9a0d951c5fdc546fa52fc13972c809e40a355

    SHA256

    79b1b45e2e7ba51964956b9d364bb3a932074b080d7a608cf630b7c868391f48

    SHA512

    a2a5b059ec3319635442309bc68776142fc5f950763901000aa221f43be95c9c58c10f69b80f88a93877406044af0ed19bd5a084c251f39d91024a6c940854eb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    2a91a92e966afba9aac915600604cb17

    SHA1

    7a5a4512c6ea772cf117ff8181007d43d8466d24

    SHA256

    6bc8856931ded0a0873764217ea6e94f2340c6edc74e9281850f55f2672cd945

    SHA512

    52bd512c0cf48d0a765c3f3f9b46fc7a1cc5e0df6539cf27ae4343e1dc2bb766e254ea5013001b42bce7f7973f3a02d2e120d00e7794c5d97d2e76bdf1c75043

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    80e7dd39541bb4196fc2f5297e47c188

    SHA1

    97daa3b06025ccc04d73f20a771a83ad5fde7d04

    SHA256

    1043a9620eb4e7ae184fd963cef90487ab17acb7394ac3dc08b06da9ba24994a

    SHA512

    811abacc07e6a7306b6f24e53abec81f49df435d57e7225bcb575491db2e04183ecf0f53ac7cb0454998b76c64e5b84cb2e472b57728d58e653e846a169557dd

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    96dfb1492ed36780f93ed31552ba6a61

    SHA1

    00e495004a6d59f530ae176f0117a3467a980db7

    SHA256

    c9cd7720b5066d8a704371822def84843d780b16d8bb0abd740acfea23775ee7

    SHA512

    7b354cfbc6e1b1c14e2b446cc76c085d2f626447848cca204d4dc9254b78145be90b1e4fcf6e12daf0dd69c346df5a3aa512654257ec6e8647c919518c97e7a4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    73361c1d6345a9d538fe62da0924e15c

    SHA1

    27c9816551c776e0962eaaa9d788ea2c5987cf98

    SHA256

    ed5a4bf8b3616c04d2180586b806e1bca7fea974c259d7bce13c7289ed9856fd

    SHA512

    08f813adb6c8210f0a9708bde2d2571c60168723ac975cdfcd54025937b8d60018309995988ca35e46b0ba676dfcc453562b681f96a0729619d845ef0c3c7a52

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1a6ef913889ad292d9d9adb26a4e0bbf

    SHA1

    07d1b10004d463ad5b159b851649888411d98d39

    SHA256

    9a5d91de23cf647a9d0ab608353dd7e3181bd9bd8fda728eb6b3f3055307c23f

    SHA512

    5876681c58a7224a10245b34121b5bf5f611e905ffd61374273c0545a81230318c98caeedda2d394cca78c086bd5bd82c0f2e0408abe9715ef94ffc2c4430803

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabB8A8.tmp
    Filesize

    61KB

    MD5

    f3441b8572aae8801c04f3060b550443

    SHA1

    4ef0a35436125d6821831ef36c28ffaf196cda15

    SHA256

    6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

    SHA512

    5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarB918.tmp
    Filesize

    163KB

    MD5

    9441737383d21192400eca82fda910ec

    SHA1

    725e0d606a4fc9ba44aa8ffde65bed15e65367e4

    SHA256

    bc3a6e84e41faeb57e7c21aa3b60c2a64777107009727c5b7c0ed8fe658909e5

    SHA512

    7608dd653a66cd364392a78d4711b48d1707768d36996e4d38871c6843b5714e1d7da4b4cc6db969e6000cfa182bcb74216ef6823d1063f036fc5c3413fb8dcf

    Download Submit