Overview

overview

4

Static

static

4

BINDInstall.exe

windows7-x64

1

BINDInstall.exe

windows10-2004-x64

1

Bv9ARM.ch01.html

windows7-x64

1

Bv9ARM.ch01.html

windows10-2004-x64

1

Bv9ARM.ch02.html

windows7-x64

1

Bv9ARM.ch02.html

windows10-2004-x64

1

Bv9ARM.ch03.html

windows7-x64

1

Bv9ARM.ch03.html

windows10-2004-x64

1

Bv9ARM.ch04.html

windows7-x64

1

Bv9ARM.ch04.html

windows10-2004-x64

1

Bv9ARM.ch05.html

windows7-x64

1

Bv9ARM.ch05.html

windows10-2004-x64

1

Bv9ARM.ch06.html

windows7-x64

1

Bv9ARM.ch06.html

windows10-2004-x64

1

Bv9ARM.ch07.html

windows7-x64

1

Bv9ARM.ch07.html

windows10-2004-x64

1

Bv9ARM.ch08.html

windows7-x64

1

Bv9ARM.ch08.html

windows10-2004-x64

1

Bv9ARM.ch09.html

windows7-x64

1

Bv9ARM.ch09.html

windows10-2004-x64

1

Bv9ARM.ch10.html

windows7-x64

1

Bv9ARM.ch10.html

windows10-2004-x64

1

Bv9ARM.html

windows7-x64

1

Bv9ARM.html

windows10-2004-x64

1

Bv9ARM.pdf

windows7-x64

1

Bv9ARM.pdf

windows10-2004-x64

1

README.vbs

windows7-x64

1

README.vbs

windows10-2004-x64

1

bindevt.dll

windows7-x64

1

bindevt.dll

windows10-2004-x64

1

dig.exe

windows7-x64

1

dig.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    134s
  • max time network
    133s
  • platform
    windows7_x64
  • resource
    win7-20231023-en
  • resource tags

    arch:x64arch:x86image:win7-20231023-enlocale:en-usos:windows7-x64system
  • submitted
    07-11-2023 14:43

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Bv9ARM.ch01.html

  • Size

    24KB

  • MD5

    85a2e4b27072c13771f98d605d59e901

  • SHA1

    df98cf0d0d71826c2278f65eb73c21feb3a53853

  • SHA256

    f011660767339fb31a779fbcd692fd3079c82b26369b9bf058d666a8f1f51e82

  • SHA512

    e7cc87d100dfc076f4dfbb4da290a1492e1d85c8dd810f95f08ddf1526b6bb26ab9497384ae3eb61dcf64b8374e7dfa7fc19ae70301a7c61cc9d14c54ecad07e

  • SSDEEP

    384:yyvOgFYNDBJzYbLYLz7cqvgUOZTfDl+Cc86g9GpP8W:y0OfBpYYf8ZTfECcWctJ

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\Bv9ARM.ch01.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2988
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2988 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2112

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    9fd1b9a411285d24887fd95d67ec4d26

    SHA1

    4536153463b7b41b66cc53360edca02469295aba

    SHA256

    dd6a35412dbe915ece0d9d2cffdf037e79bc98b0037ba54a502fb36ec5f11b7e

    SHA512

    3d0f985f61b182d1771b1008005e41f50ea7087b376f1205b4c1a45641fa0c9167766f5e621365cf7607db3ed838d5e2082e32b73d77f1446240a3d51225df4b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b99da89cf7b2eaa85d08f31b6695be64

    SHA1

    ddfa9c172785a605487a83a7e25965f3f9fee9aa

    SHA256

    8b8f53bc029d6735190264243f46402acf177624ec9d57189e8909d3d9c7192a

    SHA512

    222dd7c257f1e651da2b5d13f2d29934b31dd2c3048f5fdf1bf739dde8db5b2608d9fa33327acc3ea6b2935dff83d466bff1be1dc6bae6c2b9a76f0502701b8e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ffd42a86f5cd8c0630dadb0d73d092ab

    SHA1

    a348c968179b4ac929768b666c1c52e4354566cc

    SHA256

    b6829612e36433120fbce46bd208bc1a3ca13c4d618c00530c64744ff34fb860

    SHA512

    7fb42ac85159ce3b4aac779ab4a0bcce35171bae10ad93799383b0e4d57e205c7b991b2d398982d47909e8da3a189a3a3a5b6181c77352ec4548c5a0c36df733

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    391848d16c6f5775f57a29b35f960ce1

    SHA1

    1acedb24e4d83e300c25f5b2c51b324ddc68d41e

    SHA256

    b285e02c7fb72eae188131903b45520ab974b595da39dde53c7effca973b7fda

    SHA512

    cfc4202bb99a4ed23bf2eba566caa371987455b49da09f0af2ddc8e0bf524250ddf31a38892e3f80f569ff4319664d01481e921299ef935e8dc0444dc8913667

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    3bdc96befd921e105b0a869732019a1d

    SHA1

    6c2facb5a39195d9ed76a1466f86a21791ba0c4c

    SHA256

    406fa0b02dc2c13c0fb42e8b90862bbad989dd55d25fac7ca1944ecd0a731a42

    SHA512

    31d4d21457dc0301a7580d903a6ff2b6fe0f44dcc9fa17a962b460cce588ad56161ce5511ee03ede503c6956eeb9f5d4e5743e336fafd4d588ac5a8e3e57b049

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    9e1c96b51ef53cc2f01f61f6ce8cc88c

    SHA1

    427b2b09c1dcc8a255de5a81bf572060613e7859

    SHA256

    4a0f2ae6131465373208b6e7d4647a730234f7dd5b199b1e9930818a629491e5

    SHA512

    39dd27717bed6a56b312817ca9945f67890c14d68252e42952f1b2b7ec068dcf347fb4ff54324a54482e83ac58af1a9b2798c079c10caa4c3b43de9bad67204f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    2d4b1474d5bff6f87169a44075789821

    SHA1

    fdd8275eef3eb36053153e22c9dd774ef34fa068

    SHA256

    cb0cf31641e6081d8df1e452b38776b3786d8ffa25cfb3f33b53ce72d00aaeb8

    SHA512

    671993239c094680daff7b6932e65a1f229825677bae3aab76350759772c6cae3a93b48219e5f269732f3313b738d7ab51f9808e6c0fb0cceb588c12ca384240

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    65e606a8f510d5340fa6fa9c62d2efec

    SHA1

    bddd383fe6dd25198d67e896f5f3e94090e321be

    SHA256

    7d358abb4bfc08dbe3af50b2ced85c1946ad6b619c8062bc32180e7b7f512558

    SHA512

    5b66b849044ec9c1c9d3f13f6bcd167cb362088ec67f77568252833fc5987ceed849769eebaad46d923f60541eba6b2ec4a021624f13ed30b1244524554adc1b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab5A15.tmp
    Filesize

    61KB

    MD5

    f3441b8572aae8801c04f3060b550443

    SHA1

    4ef0a35436125d6821831ef36c28ffaf196cda15

    SHA256

    6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

    SHA512

    5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar5A37.tmp
    Filesize

    163KB

    MD5

    9441737383d21192400eca82fda910ec

    SHA1

    725e0d606a4fc9ba44aa8ffde65bed15e65367e4

    SHA256

    bc3a6e84e41faeb57e7c21aa3b60c2a64777107009727c5b7c0ed8fe658909e5

    SHA512

    7608dd653a66cd364392a78d4711b48d1707768d36996e4d38871c6843b5714e1d7da4b4cc6db969e6000cfa182bcb74216ef6823d1063f036fc5c3413fb8dcf

    Download Submit