Overview

overview

4

Static

static

4

BINDInstall.exe

windows7-x64

1

BINDInstall.exe

windows10-2004-x64

1

Bv9ARM.ch01.html

windows7-x64

1

Bv9ARM.ch01.html

windows10-2004-x64

1

Bv9ARM.ch02.html

windows7-x64

1

Bv9ARM.ch02.html

windows10-2004-x64

1

Bv9ARM.ch03.html

windows7-x64

1

Bv9ARM.ch03.html

windows10-2004-x64

1

Bv9ARM.ch04.html

windows7-x64

1

Bv9ARM.ch04.html

windows10-2004-x64

1

Bv9ARM.ch05.html

windows7-x64

1

Bv9ARM.ch05.html

windows10-2004-x64

1

Bv9ARM.ch06.html

windows7-x64

1

Bv9ARM.ch06.html

windows10-2004-x64

1

Bv9ARM.ch07.html

windows7-x64

1

Bv9ARM.ch07.html

windows10-2004-x64

1

Bv9ARM.ch08.html

windows7-x64

1

Bv9ARM.ch08.html

windows10-2004-x64

1

Bv9ARM.ch09.html

windows7-x64

1

Bv9ARM.ch09.html

windows10-2004-x64

1

Bv9ARM.ch10.html

windows7-x64

1

Bv9ARM.ch10.html

windows10-2004-x64

1

Bv9ARM.ch11.html

windows7-x64

1

Bv9ARM.ch11.html

windows10-2004-x64

1

Bv9ARM.ch12.html

windows7-x64

1

Bv9ARM.ch12.html

windows10-2004-x64

1

Bv9ARM.ch13.html

windows7-x64

1

Bv9ARM.ch13.html

windows10-2004-x64

1

Bv9ARM.html

windows7-x64

1

Bv9ARM.html

windows10-2004-x64

1

Bv9ARM.pdf

windows7-x64

1

Bv9ARM.pdf

windows10-2004-x64

1

Analysis

  • max time kernel
    118s
  • max time network
    136s
  • platform
    windows7_x64
  • resource
    win7-20231025-en
  • resource tags

    arch:x64arch:x86image:win7-20231025-enlocale:en-usos:windows7-x64system
  • submitted
    07/11/2023, 14:43

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Bv9ARM.ch05.html

  • Size

    6KB

  • MD5

    e85c70c39106e145c60a5c422ec4b98a

  • SHA1

    7bec1864501e0c8c39d749a470c9e0eb9cad47ed

  • SHA256

    d3c71bbca160abc9f8f2c86059a342035057f041b4e86786b2ec59ab2a76bcab

  • SHA512

    0b0c4087f62ecaf2766e80e5ca5dbe1f835e94a2b7b6b6724ef1d74aae7a6e6281cbce9809e9df65f49db1fe35d6adfeec8224d348b83350d5f5a5aa86a5f87e

  • SSDEEP

    192:nyvOHU4cNSpnfiESkKZHlyK6Qar08+jg4gY/:nyvO0vYkY4H8Qi45

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\Bv9ARM.ch05.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1888
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1888 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2972

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    373608a3c68cef21974bb84bf5de470e

    SHA1

    7f09d0ced1b877675bab107316ac3b0cbf589cdb

    SHA256

    17c97404896374e5a8968f4628385b298773a96d80c376c4b9e28297e5a1fc31

    SHA512

    882458ed2fdf81d764abc63ac24d8af0d9ce36c7ff4e9e35235c262fabd094e7efd2205d44a75cd10fb6878f2e4e4d66f02fd41cd05088c30bade2a42d3587d3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    352db5c39c40ec68ad4a2dc85102a8ae

    SHA1

    4c3dc30eaac834da77a34cb73c008a51f745e1ab

    SHA256

    476bfcc7b7922c92fad6d3ee077e56724255b53ff69c20bc0f34c921b69a502d

    SHA512

    cfdf69f4d9cfb71e13f74d8c50e5f7a485e63886aafdad1e765ef7f486b8b340bb25d8a2b5ce32df0c5374637d64cbf939f48835350dba9e7e776977c5cb6d2b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    acbf91eae6c2afd9a67111f0910953f8

    SHA1

    dad4eeb9d1159a20bfa406acf6d25dec5fd9a378

    SHA256

    3b4bac2949c359c6f37c5cb5821fd43b499e4f7cbd21a51ebab2ff75f9841d26

    SHA512

    fb3b227fc72254f4959a4689bbc89af024317201bfb4b589fd6af3cb9c45cd9e5c127aec10e44b688a7ea767c781d168ff7fe19f16da765e99a67acf18c7749a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    536f98500b543e7eb24a78efea3e79d7

    SHA1

    3492809ea2c853671e0b5223e16389d6ad083977

    SHA256

    4939a60467e8f4d431b522196a0305cab12b16b17a969a9ff745223f34064b54

    SHA512

    93e23f5f84c51fa5d572c2939f0050b9452dbfa3890c888d75be52293ea48a763df35a9a6c37d24336a4372b2f16439135b9393acd1a55ba861426a1f1e29005

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    5340019d9b7477ecb6204554bee26db0

    SHA1

    3ffe2abcb612b50adc87253bb6c9a0af52c2396e

    SHA256

    ce23a3402e3b9801c587d30540d13c728140ff31b22fab0874818a5e7d2bf59c

    SHA512

    33a5302436a0d2bb4b23f4af60c437311685f557d9464e8c26c5b9d82caad5beb6b7cdf467ec52a34c3a1dc5e55658b62bb9421320d413e6f5db6074e89b9766

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    54e01e393771c73b7ad9c04a4f92f112

    SHA1

    943f3de3301b7eecae9d50158383554373faed7a

    SHA256

    3be5cb32444b594588ab16c7cb5269ab384c0f307662f6bfdec07e1f9a681098

    SHA512

    b9357aadeb081ffe73b7ae986b6ac1312f87cb1667cd78fcab48e9d817e717727a455fd348e904325bde8086941e60d22cf2ebdf8be738de85d6f0b21c25c000

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    967a1eb840c32f20bfba8e4415042719

    SHA1

    b81c1026fa7e07f35d5fb8591adec6bb6252b9a4

    SHA256

    27187725a9341e59a3228e08e214478ab6d9a93692c481eebf63ea86aca06c0a

    SHA512

    993288da5b7d141d7def7fae36e5ff2f35af3a7e9acb79a54f72bae59426e9a8d99be0439fc0e4b1fefa63608726c2bb018d010a22a2f004a2ee2aebf4bd2e69

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    90a211567c4d36ca8d9f6f93eef66f68

    SHA1

    a1b005fe43cd507182427d32ecf8c121e4d5ebf6

    SHA256

    7065ebfc60c7f25deffdc32d3a04159ac1d7bd8677f46dd2168b838dc57aa0f7

    SHA512

    25417669690f9cdaf86fb79b33395cd2a3ffa16c4eba727f0c37938d635fc0130001a46cc986ce10c459f656e9a5192c7151a996595ccaa8159d05259f1ddc56

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ad2f3ef5a5f2bf3fa42f30e5c0b0c9b8

    SHA1

    0731e8eba0e05b976f165b700acbd5e805cfce0f

    SHA256

    32003e81a94fb8c05d6bb52229f50768c3de0a321dacdb302f00cdbeb4808d38

    SHA512

    7e4b5179914aacb5db1f637f3e207b9d5d31acd267ad7e128f8ab639841a19f3c4d07ca60f63b175ed88f48f0a7d4ee9990191bbc4ad3564c129140ed93e3852

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    fab48886f0769b4017270832908b38e6

    SHA1

    6b391251d2b1d1eab455df313d90afcaa39dfac3

    SHA256

    4957f439552b4130ebf04113c9e10bf21b28591c349a5d02ff51efa48d7b1768

    SHA512

    e079896209a73d300c790fadd9c447cadb6580fcec7e687ed9c23b6bdfa44e884ceb61289a3d421d6524ecdf6c4c61cb8445771b13dba1d174ac699dd3bacf8c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    13e9ffbc9856ca767e806c8427acbbbf

    SHA1

    7120b5bf055f81a51ed1a461aac33fe8f862359f

    SHA256

    d52cd2586c0c10c829b470949c5a0ae1ce8668774f70cc56fe0efb1d6ee8ed80

    SHA512

    5caa37648351f7d3a00cb09400c1624bf40e61152b629f06318c93d227258780e8903dab3adfd10a98e52d002bed5fea4d2021c0be0c4e7494b8f5079f3c3501

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab6F1B.tmp
    Filesize

    61KB

    MD5

    f3441b8572aae8801c04f3060b550443

    SHA1

    4ef0a35436125d6821831ef36c28ffaf196cda15

    SHA256

    6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

    SHA512

    5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarAA3B.tmp
    Filesize

    163KB

    MD5

    9441737383d21192400eca82fda910ec

    SHA1

    725e0d606a4fc9ba44aa8ffde65bed15e65367e4

    SHA256

    bc3a6e84e41faeb57e7c21aa3b60c2a64777107009727c5b7c0ed8fe658909e5

    SHA512

    7608dd653a66cd364392a78d4711b48d1707768d36996e4d38871c6843b5714e1d7da4b4cc6db969e6000cfa182bcb74216ef6823d1063f036fc5c3413fb8dcf

    Download Submit