Overview

overview

4

Static

static

4

BINDInstall.exe

windows7-x64

1

BINDInstall.exe

windows10-2004-x64

1

Bv9ARM.ch01.html

windows7-x64

1

Bv9ARM.ch01.html

windows10-2004-x64

1

Bv9ARM.ch02.html

windows7-x64

1

Bv9ARM.ch02.html

windows10-2004-x64

1

Bv9ARM.ch03.html

windows7-x64

1

Bv9ARM.ch03.html

windows10-2004-x64

1

Bv9ARM.ch04.html

windows7-x64

1

Bv9ARM.ch04.html

windows10-2004-x64

1

Bv9ARM.ch05.html

windows7-x64

1

Bv9ARM.ch05.html

windows10-2004-x64

1

Bv9ARM.ch06.html

windows7-x64

1

Bv9ARM.ch06.html

windows10-2004-x64

1

Bv9ARM.ch07.html

windows7-x64

1

Bv9ARM.ch07.html

windows10-2004-x64

1

Bv9ARM.ch08.html

windows7-x64

1

Bv9ARM.ch08.html

windows10-2004-x64

1

Bv9ARM.ch09.html

windows7-x64

1

Bv9ARM.ch09.html

windows10-2004-x64

1

Bv9ARM.ch10.html

windows7-x64

1

Bv9ARM.ch10.html

windows10-2004-x64

1

Bv9ARM.ch11.html

windows7-x64

1

Bv9ARM.ch11.html

windows10-2004-x64

1

Bv9ARM.ch12.html

windows7-x64

1

Bv9ARM.ch12.html

windows10-2004-x64

1

Bv9ARM.ch13.html

windows7-x64

1

Bv9ARM.ch13.html

windows10-2004-x64

1

Bv9ARM.html

windows7-x64

1

Bv9ARM.html

windows10-2004-x64

1

Bv9ARM.pdf

windows7-x64

1

Bv9ARM.pdf

windows10-2004-x64

1

Analysis

  • max time kernel
    195s
  • max time network
    194s
  • platform
    windows7_x64
  • resource
    win7-20231025-en
  • resource tags

    arch:x64arch:x86image:win7-20231025-enlocale:en-usos:windows7-x64system
  • submitted
    07/11/2023, 14:43

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Bv9ARM.ch03.html

  • Size

    28KB

  • MD5

    f87038b709268a043ca93337fef75700

  • SHA1

    d38065c55d297e3272d619a70038174809adbea2

  • SHA256

    20bac551162130076b3a8e6a7c5d195058c327d397579befca07c6fd389e5058

  • SHA512

    cfef71f1dcdbf32cb3500cf213c1ed96cbd6cde600914740c078c17aaa06c10239f082030b35017f3f8945b0bae5b9f499d66f0a3936e0e1c138237a91619785

  • SSDEEP

    384:nyvOtdYSEM/tRfDYxJCIbdjSO7vzpkjLTq7afdbYG7ReERCqha:n0O/tuxzbdjxvijhfdvRCN

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\Bv9ARM.ch03.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2824
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2824 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2900

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c1d43e27162af2bb84cba743c53fb493

    SHA1

    47d8d70f5314c2118a1d85d6e1a10b5769faddd7

    SHA256

    dc37f0169d9e8422ee45aabacbfc14328e7bed0ad8d4a209d1c216fd4490ac57

    SHA512

    61ffa3c2a69c4b3eb13e62bd8d52d3732a76f87e8750d1a168cd8dc651e3295a65caa294ea98a880a05a7a5f43909f4ce7ab17a29d7756720829170f83d757bd

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ea69e2bcc4a300a30064d7e3fc144676

    SHA1

    64bf31ae8189df9eb87e17389a79eb89bc80cf9c

    SHA256

    d3a94d722b50abd330e5f7fdf525a68a1f2d7e8d69f404a4cba2f48f34d7d8c8

    SHA512

    9940b09bd550175af08491b3f487c8e8e4dd8de2d78c5303c3bf55b473cf73cbde51bc088dfc8bf2f23abd0903381196f198d9214d185414bdc3ad1df811c09a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    4e148bcfc57a2e9b09d4177809dc2e00

    SHA1

    0a654ff133d299558e5da7186f3a985f8213816d

    SHA256

    3916d0037aaf8c7f59f59ec531265ee113f745ba786de6593675f0dd262363d6

    SHA512

    9f02e2a527546a1b3c68146fec73b570048fcb187b8a13e09efb1a3ea902423515fa72f9888d701b9cf93e407371262d8e7866d518815d486141a051910a5465

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    3bb854c8dc992e1121485c56fd86bfd0

    SHA1

    72eccb073f9e7cc5621a0f2a1da06fbe66a4009d

    SHA256

    285f13e3684e08e7a226f89568850a480b4eacb3ca001abae0168c226883431f

    SHA512

    bf080e9273af6ff9da3d0460a0db1db1887afe83a5110b3a9698ab83c60492a8d2a2b6e4758d649fea43812c657a0fe51eac213f1f0161dde5f9726fe96b9bf7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    70f6c97aee4d91b9a3f6182afc553afa

    SHA1

    7ad89694113e62c68a65faf4433754e840b364ec

    SHA256

    e087546a393b61b08ee25f719685736b36c9c67ded4440c9aeb24b5d3db61352

    SHA512

    fa7c566ee7e5ee93ae0bc6e5efae4475db11cbecb8f2ff00da98adb2af0571728bfe71ec1f4cdfabdb9689a33cb0a5229d1268e15c32c6632d960c9215d59125

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    9ef2e8874a9be983143d6b7b35178cb1

    SHA1

    2bb5379b6c3bf596d079f81830237328223ae103

    SHA256

    2e03e8961a69ee14080c47e598ef513c856bdd81e2070004948e2f36954daba4

    SHA512

    fca592441eb08bd3f5e5f3cc4acf63ceb7ee4c8720a6b48e427e5e7d4660c55955282e5eda3b294d7c0ce7cbf0f91bb389b9534ce868ce11af11c7a5980d2367

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    df5e056e1cde9cc66054063c1a1a0a58

    SHA1

    137d7e2c6af10be10910cc5ac2ce897c128890b7

    SHA256

    07a32d781bf38f4e9aee0a7052cf8d4a35b1388eaac79e0577f7dc5bc8128af9

    SHA512

    1ccd78598bbffa7033074c0fe5600b6e631d35992088070cde4323d7960f354cd003d5fc6f43a3fc3a8044d34b4b0f1584451a5d43af0c7694fe8a5ee72bdf3f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    185bef56e0fd055175b60ccf84b8cab6

    SHA1

    f0e5da421b3761e4dd6d53754ce02a6e46383122

    SHA256

    413749f9a5e2bf37e6ef83c9ceb5e154961d785533a512e9d296b782e1d40f64

    SHA512

    93deb19097157a931658ed542a6ca6f6d6cee5f96026a73bd3c27ff04c718fb99df4b53743761b72452a39d534606c008069ab80c6858268404a4f8d1d3767f6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    4b4f2f3f8516f80a35ea814dc8f4591e

    SHA1

    a1fab133fadf6111ce27185882eca392c5a7e7fa

    SHA256

    cec875633e463a93bc809b138f94d4633410f580d2b5fbaa5bdb2dee6a04f4d6

    SHA512

    d45a5bc21b8ddb6721d2ff9fdd44bd499946a0b9bce6bf80f211bc00d062c4ac8c4a9f8b43d87fb5549dbdd64eef85858f5aade344e8269cdc53f463c4f780f7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b029325671242108adf831a10cc19820

    SHA1

    3ba1ad218950b07d3a4a54b0a5b0b4c49183e308

    SHA256

    57b9553702b0356ce12bb12e770f9c2fccb87c85cfdde6499bfeff0c625de387

    SHA512

    840874e4b19974c826232b549de1d46e44e2bc9ce983e58ebc165ab5170d4b54a6c43baf8f1d946f8e19261496f62af644c541d7db7ee3cdc6b5fe20deb436cb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c1cfde9c6eebd1404992c7f83fb2b16e

    SHA1

    2d5272579a7afbe1232700f0dc2f2b6f5da71acf

    SHA256

    64bd6bece2dff9293f5ac1b4059f61d31c475cbc214c6b0e012c0e75d960b81b

    SHA512

    b8b4d8f86c2f15022a00cb45db4b9ce0c25fb814c87908b92bf53abf1ffca1647379beb0391d272417bf5075432727032f4ef77a48a677e8a1830ffc95484460

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabC959.tmp
    Filesize

    61KB

    MD5

    f3441b8572aae8801c04f3060b550443

    SHA1

    4ef0a35436125d6821831ef36c28ffaf196cda15

    SHA256

    6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

    SHA512

    5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarCA09.tmp
    Filesize

    163KB

    MD5

    9441737383d21192400eca82fda910ec

    SHA1

    725e0d606a4fc9ba44aa8ffde65bed15e65367e4

    SHA256

    bc3a6e84e41faeb57e7c21aa3b60c2a64777107009727c5b7c0ed8fe658909e5

    SHA512

    7608dd653a66cd364392a78d4711b48d1707768d36996e4d38871c6843b5714e1d7da4b4cc6db969e6000cfa182bcb74216ef6823d1063f036fc5c3413fb8dcf

    Download Submit