Overview

overview

3

Static

static

3

BINDInstall.exe

windows7-x64

1

BINDInstall.exe

windows10-2004-x64

1

Bv9ARM.ch01.html

windows7-x64

1

Bv9ARM.ch01.html

windows10-2004-x64

1

Bv9ARM.ch02.html

windows7-x64

1

Bv9ARM.ch02.html

windows10-2004-x64

1

Bv9ARM.ch03.html

windows7-x64

1

Bv9ARM.ch03.html

windows10-2004-x64

1

Bv9ARM.ch04.html

windows7-x64

1

Bv9ARM.ch04.html

windows10-2004-x64

1

Bv9ARM.ch05.html

windows7-x64

1

Bv9ARM.ch05.html

windows10-2004-x64

1

Bv9ARM.ch06.html

windows7-x64

1

Bv9ARM.ch06.html

windows10-2004-x64

1

Bv9ARM.ch07.html

windows7-x64

1

Bv9ARM.ch07.html

windows10-2004-x64

1

Bv9ARM.ch08.html

windows7-x64

1

Bv9ARM.ch08.html

windows10-2004-x64

1

Bv9ARM.ch09.html

windows7-x64

1

Bv9ARM.ch09.html

windows10-2004-x64

1

Bv9ARM.ch10.html

windows7-x64

1

Bv9ARM.ch10.html

windows10-2004-x64

1

Bv9ARM.ch11.html

windows7-x64

1

Bv9ARM.ch11.html

windows10-2004-x64

1

Bv9ARM.ch12.html

windows7-x64

1

Bv9ARM.ch12.html

windows10-2004-x64

1

Bv9ARM.ch13.html

windows7-x64

1

Bv9ARM.ch13.html

windows10-2004-x64

1

Bv9ARM.html

windows7-x64

1

Bv9ARM.html

windows10-2004-x64

1

Bv9ARM.pdf

windows7-x64

1

Bv9ARM.pdf

windows10-2004-x64

1

Analysis

  • max time kernel
    137s
  • max time network
    134s
  • platform
    windows7_x64
  • resource
    win7-20231025-en
  • resource tags

    arch:x64arch:x86image:win7-20231025-enlocale:en-usos:windows7-x64system
  • submitted
    07/11/2023, 13:41

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Bv9ARM.ch04.html

  • Size

    112KB

  • MD5

    4685ae1d13a642fc3a4c6e7192abb35d

  • SHA1

    3eebd8acf91fd0d861a736ba9ccbe2a0d576e2c4

  • SHA256

    f02f618f040503a8539378611cb90bde308500d5dbd5f4cb6880963b6d7a4d02

  • SHA512

    d7d82e38fcba36e01c1d963aa52932b8ab52c15d92de5020b319444b93c4c727335ec0db57711385d7330ba5ae9713bf278acaa99ca64fad523c8ae03e76efac

  • SSDEEP

    1536:t0OEdjOaCG34Yyes2XJz83DonWBM5FWWLmWSWT8rQsY:t0rjOaCgWB8lLHLT8Qv

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\Bv9ARM.ch04.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1736
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1736 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2760

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    2bc6fd5eb420eaf6a60e78cb005bbab7

    SHA1

    fdb26ba803cf24eec3ed75f4e6c5c2dcf1e49255

    SHA256

    bb1fc31285a6695edc94864670a8aac158b8ce497d8129f1a68a2a60928fa048

    SHA512

    11b8654a1293354f51ffb73a1ff3435c0f4df139fa5a5f3854ccad60bc0cef6658377d63d62489cb6ad5102de0ca5f2031c321cfda8686e3e5cb69695ddc77fe

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    5966eba35822ae33bf97ee2ad97213f7

    SHA1

    7e59fb999db8429c01de94920a846b41899d837b

    SHA256

    f74808077339128261d4e09ec7411c40ddd0a1d822ed34ff529ce5778156eb76

    SHA512

    3f45b654b77ec6d7572231a6e8fb362cf0e648680354c9a3d78552e96308fd7fda163139023a048303da1eb941c7b56e4f8f2e6f8da786e0d9856d1c0d0f1f4d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    95bbd3674edb5aa4e626c6cce48da152

    SHA1

    cf50a0d0883f3de2202709f2621e1751a0ecc78a

    SHA256

    e416f04c13b7f571867f71e90b9de5bee3dd87f64f68e062b121fa41d94a801d

    SHA512

    4ffa70be5939f013099d7277f161032c11cb4f001368239d3e23274ad3e71ec84f556e69f2663389ca2aebccfe66089d0b4519df4f80d07cae3be3e2fb7109f5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    08d56216bc7129c5b41a88038a7e1b95

    SHA1

    0dff71e90a2e39a2a4af90935f1ded2514ccbd2d

    SHA256

    7037d3ddbf3743e0dd5bfe07e52d2e30db21ef79c470291eda01c2ff1c34890a

    SHA512

    f70c1f2982decf63292d593052fd83577a9679bf08f5e15a6e84d1449a61533095f89330eeef78dff799d0922a16c3485eae5119c5c41b5c4e2c6a6212fc45e5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1cb29f39bdf3c83a99aeaedb4e5ad0d9

    SHA1

    1954b59bd2110bbb84697688c8361550d9d75cfd

    SHA256

    79542da601a9daa47b1dc641b8e7e97d2ac6a733c2866bd4a4bbb67e53f4b19e

    SHA512

    910ffcc79467514262e643ce59f1d7754c70d7ac24ebe1bc438acc8dfb653edd6ef09b4811c7c8be1616cfe746fd33ab519a2f8f0b0444d70626f80cc9c4a298

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    3baf1869b2e9eeca953c418b7112a18d

    SHA1

    05a4f652ed58d80d465176ec97956d867d0fdb14

    SHA256

    5732c301349cffbb33b6df49b980024f3d7697038ee43e69e4b1d5cf9252fb73

    SHA512

    c9c1ad5d40f702d787aa715659e3fd04c7ee27ff9de6530f39e960da46d7182b8019ceb42f583d586fd3a99744c66899a9185f3b46269832f7b48045b2243098

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    6bf300df90e9478767c6dac8ab684773

    SHA1

    45c5d93d68f300b9aab79238438e03b0bd62ebf2

    SHA256

    92af94467f6811df326c45834242741236de69d03cf54d97a21bba852f8c636d

    SHA512

    969e4cf396b89b5cea8400a873d58aaac7494b1d8666cb239af831ec64ae0090549e90b9c445cb7cd4ee5c311073b8cad370f2662f660bce1171b69270636012

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c155f6124afda537f25d4673de305f73

    SHA1

    b06b2175947b05a13fdc30483a016e145391d86d

    SHA256

    806a2bd473d0da449d1e22eab445a019af20e5a923ffaf34669919c8488edb2a

    SHA512

    fea414710f40fcee179e00987ca46620d65ed6fc823ce29c56c874f6b9d5e94e206b80887380f698e3fc64d9678dfb8aefa1d1d0ce7dc5c3b7c0209a7402367a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    235c343b0a8a6c96dfbe11b240874451

    SHA1

    3ec5016ff1de4e2c14e9197e5e6b3bcb422ff74b

    SHA256

    114bdc11c08a0681a42e7f6c2f3f542d20a39e9e9d11ad03e746ddcd667e6597

    SHA512

    e743058b6360d9ca8373ae720fa99767ab0105dcecffeae7e835b36218a4fab4c7bd7f389aec91a65aa15ad082b2f0faff544327ab6aa8d2b34aa9ef8cbe8a6d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    7d3fb9a308842f185605a1a13146eb74

    SHA1

    7627aa740122c87d3a81dcae329fbc71b61decab

    SHA256

    c68c079fb317debd463cce9b8ff0875349f75447596d26937e748b1c4279c26d

    SHA512

    08015749f3ad60c5a9ae081b572959b94891ab534269dd5cf336384f2bcdcf63e53b4ec0a0fad522111b9e68e744f4e381f7eb367e838577d5ef97875459948f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    452bca3649e6236a0b7dc42fd4d85d5c

    SHA1

    15fc16a88b37862fac7d13b6048c3fd5e5ba5693

    SHA256

    4303badad6534735325d6c004bf3c40131e6365bb6dd88f3bf7fcc8105a30c98

    SHA512

    9e44e1db997fce78bafe06dd9082726bfbec97491c2e8829bc460ad75eff86d90546d942bcf8df38bdaeb724065ce8f60bf973707a0b9faaf1cf396d6a7d87de

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab6EDC.tmp
    Filesize

    61KB

    MD5

    f3441b8572aae8801c04f3060b550443

    SHA1

    4ef0a35436125d6821831ef36c28ffaf196cda15

    SHA256

    6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

    SHA512

    5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar6EFF.tmp
    Filesize

    163KB

    MD5

    9441737383d21192400eca82fda910ec

    SHA1

    725e0d606a4fc9ba44aa8ffde65bed15e65367e4

    SHA256

    bc3a6e84e41faeb57e7c21aa3b60c2a64777107009727c5b7c0ed8fe658909e5

    SHA512

    7608dd653a66cd364392a78d4711b48d1707768d36996e4d38871c6843b5714e1d7da4b4cc6db969e6000cfa182bcb74216ef6823d1063f036fc5c3413fb8dcf

    Download Submit