Overview

overview

4

Static

static

4

BINDInstall.exe

windows7-x64

1

BINDInstall.exe

windows10-2004-x64

1

Bv9ARM.ch01.html

windows7-x64

1

Bv9ARM.ch01.html

windows10-2004-x64

1

Bv9ARM.ch02.html

windows7-x64

1

Bv9ARM.ch02.html

windows10-2004-x64

1

Bv9ARM.ch03.html

windows7-x64

1

Bv9ARM.ch03.html

windows10-2004-x64

1

Bv9ARM.ch04.html

windows7-x64

1

Bv9ARM.ch04.html

windows10-2004-x64

1

Bv9ARM.ch05.html

windows7-x64

1

Bv9ARM.ch05.html

windows10-2004-x64

1

Bv9ARM.ch06.html

windows7-x64

1

Bv9ARM.ch06.html

windows10-2004-x64

1

Bv9ARM.ch07.html

windows7-x64

1

Bv9ARM.ch07.html

windows10-2004-x64

1

Bv9ARM.ch08.html

windows7-x64

1

Bv9ARM.ch08.html

windows10-2004-x64

1

Bv9ARM.ch09.html

windows7-x64

1

Bv9ARM.ch09.html

windows10-2004-x64

1

Bv9ARM.ch10.html

windows7-x64

1

Bv9ARM.ch10.html

windows10-2004-x64

1

Bv9ARM.ch11.html

windows7-x64

1

Bv9ARM.ch11.html

windows10-2004-x64

1

Bv9ARM.ch12.html

windows7-x64

1

Bv9ARM.ch12.html

windows10-2004-x64

1

Bv9ARM.ch13.html

windows7-x64

1

Bv9ARM.ch13.html

windows10-2004-x64

1

Bv9ARM.html

windows7-x64

1

Bv9ARM.html

windows10-2004-x64

1

Bv9ARM.pdf

windows7-x64

1

Bv9ARM.pdf

windows10-2004-x64

1

Analysis

  • max time kernel
    118s
  • max time network
    136s
  • platform
    windows7_x64
  • resource
    win7-20231025-en
  • resource tags

    arch:x64arch:x86image:win7-20231025-enlocale:en-usos:windows7-x64system
  • submitted
    07/11/2023, 14:43

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    Bv9ARM.ch05.html

  • Size

    6KB

  • MD5

    e85c70c39106e145c60a5c422ec4b98a

  • SHA1

    7bec1864501e0c8c39d749a470c9e0eb9cad47ed

  • SHA256

    d3c71bbca160abc9f8f2c86059a342035057f041b4e86786b2ec59ab2a76bcab

  • SHA512

    0b0c4087f62ecaf2766e80e5ca5dbe1f835e94a2b7b6b6724ef1d74aae7a6e6281cbce9809e9df65f49db1fe35d6adfeec8224d348b83350d5f5a5aa86a5f87e

  • SSDEEP

    192:nyvOHU4cNSpnfiESkKZHlyK6Qar08+jg4gY/:nyvO0vYkY4H8Qi45

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\Bv9ARM.ch05.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1888
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1888 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2972

Network

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          373608a3c68cef21974bb84bf5de470e

          SHA1

          7f09d0ced1b877675bab107316ac3b0cbf589cdb

          SHA256

          17c97404896374e5a8968f4628385b298773a96d80c376c4b9e28297e5a1fc31

          SHA512

          882458ed2fdf81d764abc63ac24d8af0d9ce36c7ff4e9e35235c262fabd094e7efd2205d44a75cd10fb6878f2e4e4d66f02fd41cd05088c30bade2a42d3587d3

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          352db5c39c40ec68ad4a2dc85102a8ae

          SHA1

          4c3dc30eaac834da77a34cb73c008a51f745e1ab

          SHA256

          476bfcc7b7922c92fad6d3ee077e56724255b53ff69c20bc0f34c921b69a502d

          SHA512

          cfdf69f4d9cfb71e13f74d8c50e5f7a485e63886aafdad1e765ef7f486b8b340bb25d8a2b5ce32df0c5374637d64cbf939f48835350dba9e7e776977c5cb6d2b

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          acbf91eae6c2afd9a67111f0910953f8

          SHA1

          dad4eeb9d1159a20bfa406acf6d25dec5fd9a378

          SHA256

          3b4bac2949c359c6f37c5cb5821fd43b499e4f7cbd21a51ebab2ff75f9841d26

          SHA512

          fb3b227fc72254f4959a4689bbc89af024317201bfb4b589fd6af3cb9c45cd9e5c127aec10e44b688a7ea767c781d168ff7fe19f16da765e99a67acf18c7749a

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          536f98500b543e7eb24a78efea3e79d7

          SHA1

          3492809ea2c853671e0b5223e16389d6ad083977

          SHA256

          4939a60467e8f4d431b522196a0305cab12b16b17a969a9ff745223f34064b54

          SHA512

          93e23f5f84c51fa5d572c2939f0050b9452dbfa3890c888d75be52293ea48a763df35a9a6c37d24336a4372b2f16439135b9393acd1a55ba861426a1f1e29005

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          5340019d9b7477ecb6204554bee26db0

          SHA1

          3ffe2abcb612b50adc87253bb6c9a0af52c2396e

          SHA256

          ce23a3402e3b9801c587d30540d13c728140ff31b22fab0874818a5e7d2bf59c

          SHA512

          33a5302436a0d2bb4b23f4af60c437311685f557d9464e8c26c5b9d82caad5beb6b7cdf467ec52a34c3a1dc5e55658b62bb9421320d413e6f5db6074e89b9766

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          54e01e393771c73b7ad9c04a4f92f112

          SHA1

          943f3de3301b7eecae9d50158383554373faed7a

          SHA256

          3be5cb32444b594588ab16c7cb5269ab384c0f307662f6bfdec07e1f9a681098

          SHA512

          b9357aadeb081ffe73b7ae986b6ac1312f87cb1667cd78fcab48e9d817e717727a455fd348e904325bde8086941e60d22cf2ebdf8be738de85d6f0b21c25c000

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          967a1eb840c32f20bfba8e4415042719

          SHA1

          b81c1026fa7e07f35d5fb8591adec6bb6252b9a4

          SHA256

          27187725a9341e59a3228e08e214478ab6d9a93692c481eebf63ea86aca06c0a

          SHA512

          993288da5b7d141d7def7fae36e5ff2f35af3a7e9acb79a54f72bae59426e9a8d99be0439fc0e4b1fefa63608726c2bb018d010a22a2f004a2ee2aebf4bd2e69

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          90a211567c4d36ca8d9f6f93eef66f68

          SHA1

          a1b005fe43cd507182427d32ecf8c121e4d5ebf6

          SHA256

          7065ebfc60c7f25deffdc32d3a04159ac1d7bd8677f46dd2168b838dc57aa0f7

          SHA512

          25417669690f9cdaf86fb79b33395cd2a3ffa16c4eba727f0c37938d635fc0130001a46cc986ce10c459f656e9a5192c7151a996595ccaa8159d05259f1ddc56

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          ad2f3ef5a5f2bf3fa42f30e5c0b0c9b8

          SHA1

          0731e8eba0e05b976f165b700acbd5e805cfce0f

          SHA256

          32003e81a94fb8c05d6bb52229f50768c3de0a321dacdb302f00cdbeb4808d38

          SHA512

          7e4b5179914aacb5db1f637f3e207b9d5d31acd267ad7e128f8ab639841a19f3c4d07ca60f63b175ed88f48f0a7d4ee9990191bbc4ad3564c129140ed93e3852

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          fab48886f0769b4017270832908b38e6

          SHA1

          6b391251d2b1d1eab455df313d90afcaa39dfac3

          SHA256

          4957f439552b4130ebf04113c9e10bf21b28591c349a5d02ff51efa48d7b1768

          SHA512

          e079896209a73d300c790fadd9c447cadb6580fcec7e687ed9c23b6bdfa44e884ceb61289a3d421d6524ecdf6c4c61cb8445771b13dba1d174ac699dd3bacf8c

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          13e9ffbc9856ca767e806c8427acbbbf

          SHA1

          7120b5bf055f81a51ed1a461aac33fe8f862359f

          SHA256

          d52cd2586c0c10c829b470949c5a0ae1ce8668774f70cc56fe0efb1d6ee8ed80

          SHA512

          5caa37648351f7d3a00cb09400c1624bf40e61152b629f06318c93d227258780e8903dab3adfd10a98e52d002bed5fea4d2021c0be0c4e7494b8f5079f3c3501

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\Cab6F1B.tmp
          Filesize

          61KB

          MD5

          f3441b8572aae8801c04f3060b550443

          SHA1

          4ef0a35436125d6821831ef36c28ffaf196cda15

          SHA256

          6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

          SHA512

          5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\TarAA3B.tmp
          Filesize

          163KB

          MD5

          9441737383d21192400eca82fda910ec

          SHA1

          725e0d606a4fc9ba44aa8ffde65bed15e65367e4

          SHA256

          bc3a6e84e41faeb57e7c21aa3b60c2a64777107009727c5b7c0ed8fe658909e5

          SHA512

          7608dd653a66cd364392a78d4711b48d1707768d36996e4d38871c6843b5714e1d7da4b4cc6db969e6000cfa182bcb74216ef6823d1063f036fc5c3413fb8dcf

          Download Submit