Overview

overview

4

Static

static

4

BINDInstall.exe

windows7-x64

1

BINDInstall.exe

windows10-2004-x64

1

Bv9ARM.ch01.html

windows7-x64

1

Bv9ARM.ch01.html

windows10-2004-x64

1

Bv9ARM.ch02.html

windows7-x64

1

Bv9ARM.ch02.html

windows10-2004-x64

1

Bv9ARM.ch03.html

windows7-x64

1

Bv9ARM.ch03.html

windows10-2004-x64

1

Bv9ARM.ch04.html

windows7-x64

1

Bv9ARM.ch04.html

windows10-2004-x64

1

Bv9ARM.ch05.html

windows7-x64

1

Bv9ARM.ch05.html

windows10-2004-x64

1

Bv9ARM.ch06.html

windows7-x64

1

Bv9ARM.ch06.html

windows10-2004-x64

1

Bv9ARM.ch07.html

windows7-x64

1

Bv9ARM.ch07.html

windows10-2004-x64

1

Bv9ARM.ch08.html

windows7-x64

1

Bv9ARM.ch08.html

windows10-2004-x64

1

Bv9ARM.ch09.html

windows7-x64

1

Bv9ARM.ch09.html

windows10-2004-x64

1

Bv9ARM.ch10.html

windows7-x64

1

Bv9ARM.ch10.html

windows10-2004-x64

1

Bv9ARM.ch11.html

windows7-x64

1

Bv9ARM.ch11.html

windows10-2004-x64

1

Bv9ARM.ch12.html

windows7-x64

1

Bv9ARM.ch12.html

windows10-2004-x64

1

Bv9ARM.ch13.html

windows7-x64

1

Bv9ARM.ch13.html

windows10-2004-x64

1

Bv9ARM.html

windows7-x64

1

Bv9ARM.html

windows10-2004-x64

1

Bv9ARM.pdf

windows7-x64

1

Bv9ARM.pdf

windows10-2004-x64

1

Analysis

  • max time kernel
    134s
  • max time network
    133s
  • platform
    windows7_x64
  • resource
    win7-20231025-en
  • resource tags

    arch:x64arch:x86image:win7-20231025-enlocale:en-usos:windows7-x64system
  • submitted
    07/11/2023, 14:43

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Bv9ARM.ch08.html

  • Size

    6KB

  • MD5

    6984b242f72c631918ff8aabc1aca70f

  • SHA1

    1e15ed4056e7533b3d0d2c181b9443d2d2021e6a

  • SHA256

    3221c03aede24badb5d5ce575b65a855afd691fbfd35d5e31f53a12034d207ca

  • SHA512

    27063688fccea7741e28910b5af395adfcc889bae34040672f5a0e69881e7c8606b8adfb70923805d684b8a9405b2e136113c958c562ef74331e2abde8db27b6

  • SSDEEP

    96:nBAvOHe5T4P0VVoIlNaLga+AK3fmeeXC2Y+6e2eate03NedL3n2AeVgonFPmnFYK:nyvOHmDlNSigSVNnXFmyGivNW/

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\Bv9ARM.ch08.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2944
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2944 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2164

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    97028674b38969662baf0b6e90e75c83

    SHA1

    9e65eb7ad69f308f4c04d5ead871769add65582c

    SHA256

    501bbac4e97e02e8fca9918e0ba007e2f6ad7ef23b73ada5b020ef2e242b5830

    SHA512

    fcbb2d36a294cf344b0c407438490a3486f950ebf4461536cd936b8698940aab255d7bb2da5148683ba8926465b9c25b4980bfde618a1f684ad38f090dc2bc0d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    875840abc5885a3c1ffd8bdef45c0af4

    SHA1

    449248eb87fe2ac46e5e9ba504518efe6ff8bf3a

    SHA256

    d2f2d195b87aca2a4d031a689c0f49321b38ef6fe46f85d492636e6d8a45633a

    SHA512

    50581d663f3c6ec0cd377df3cf395e4d2a4aa28c936db18fbd0f4f0c0effc44e1dc5dd59454e588cc8a0df9dff85be6a5140cb72511d327f2aea24848e98509c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    2157e0fc690e859c83a86b10e8d5ddf9

    SHA1

    1ddfdf5c6c0871f424b9da226a74e779622fae20

    SHA256

    9fa589b0a03601821d4d65a927e653e072b51347a4ea7fa821f7e7b252271109

    SHA512

    6ce8058cbbb314abe602bb43fc697d3f610e74a36c590d15c2e1ff83bfc3f0a1d65b4dd61610bf20506a09960f6284e0442a581171d14642ed9f6f373d19c500

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c852562f8f2d40b282ccbfdb4c783062

    SHA1

    e376e1b169c96ff827ef8946e86f203df5bf6ea0

    SHA256

    d9eca95e0b46ce1329fba923fc100e143d0bf55e1b3aa569a62d88b1436b3f03

    SHA512

    62ce6c4811b394060367696a95754e8af736d252f6efcca847269b3dee9b04a7a685b5974b0abc10230c484c7d4447b48ee00abf2854361a2deaa75c95391c77

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    293ff025e12274e69613598d75199abf

    SHA1

    b5950fbaf1faf68dbbdf402700336d337fc95cca

    SHA256

    f7f954b1e3ac09c1fba9c89d05fc651bd28d858512ee8cd6d8d0402251f49d85

    SHA512

    0a7e4eb00a794f3ad78aa9bcf17268113ca3f3f8c26bf47791e06a7e1c96f14e64783bf710b1433d9a3274a5c9c6332136adce173d4dffb958a9b4bdda324ccb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    dfa9565824537a66b75e3669a7384f61

    SHA1

    e7703d9b1c24db36680257279af8800673aa312f

    SHA256

    033ef417922fa5fe136eae8b07a48c0ec58eaf345edf7632a22867626756e74b

    SHA512

    bc975048bd4dac1dbdf58eb8535b83cad411f6b664b1ab0f5054587c9ae82dcc3b2e8c3b1e4b711588411a5469d011a3a4c2c527d79a5598cfb47a208fbe01f9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    dfa9565824537a66b75e3669a7384f61

    SHA1

    e7703d9b1c24db36680257279af8800673aa312f

    SHA256

    033ef417922fa5fe136eae8b07a48c0ec58eaf345edf7632a22867626756e74b

    SHA512

    bc975048bd4dac1dbdf58eb8535b83cad411f6b664b1ab0f5054587c9ae82dcc3b2e8c3b1e4b711588411a5469d011a3a4c2c527d79a5598cfb47a208fbe01f9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ee19862dd97fab5603f145d8b162c6ed

    SHA1

    f2fccd27c7bc2d94d6531a0b312d967e22a5e342

    SHA256

    9ca17dfcba1f40b444a421e0aa17aa711407186115001b57757be25c520942fd

    SHA512

    250d07d43ab541741c9bfac7bde318e384b2c4e3fa30cd93e1fd9cf279b88e4f257ec1f9467ec9ecd940fdb0528865402e6384df119955eca88a5cf86bafd2c4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    fa24bf1cd8db93efcf9187b3c0159a80

    SHA1

    996b620020fc4f30d03b3601e4bf3f7c3b4bdba6

    SHA256

    510801e9cc55604a3025838b37f373c3d1e26882af9c5b36749bdc576841df6c

    SHA512

    7c0b0206f8a133008d4d43dc7aac163fd39c9c33ffef568effc4c75c06f90b7dbdcfe44b6d51bd035d879bb6ef6d297b1a14f4240fc8c5a86b16b9b8ab0d6f5f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    7f2c79cfd0ad883e514b234a30ececed

    SHA1

    099dae3866d78c7ccb1f10ac29c33305c68b1531

    SHA256

    03f33e3bfe7e7127a0bab4f86f2565406742ffc39c0682477640e0aa06138160

    SHA512

    07aa22f693f1ad4a1f00eb054d265def756948e1c632ed38273af39f88e6641edad028506bdcff32fb10aba90b8645fdbb92e0c0c561d0a0c634c54611ad3edb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    0e8af555c6dc4045dc7227da112fd9c8

    SHA1

    68f5fbeb39a2183ad79d368f00260deb0e0779f3

    SHA256

    a4dd1c66122d00e897914f108226fd2bf2d0751d04d563f283e92636c7bbdefc

    SHA512

    8ccff359d1229d753e6ddf6edfcee5d0b1209f8161bb59a627ac6238927be77fa12abf1f6d045b62d2fd43fc37dbb6c680e74e32364c3734b1b6a188efa8cf74

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    19e709828afc96b8daf13ecd85e818fa

    SHA1

    0e53e74df3bd2d8380648f389773a6fa2ce01d76

    SHA256

    92c368b18737f115cc50865010d2d16d69ac7113674fbbe880e40365be9fd24d

    SHA512

    7766839e6e72cad6b77696262ca9ab9dee08cd8fe9141499d47a9d86b42707e9bd8a3db82be200fb6718abaf0507c3e801d35b49adc2bd7639927f6ebbdf061a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    bd5600e147475b4cf9ad01a93e0bc664

    SHA1

    fbd673ef5ac139ddd5af96ff752d06caf1befe57

    SHA256

    49b36d1e2bd6ece4ac56aa2ed3d4bed25fdf2f204d8f7e8b8bef9b3de3fe987b

    SHA512

    e862b368feaaa5cc6e6e64328175276710596e80192731b132b0e9ba984c03d3395c05baa261e6da5a134da13f8519375fe52566adb0a526af6d20301ed17923

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    392ed7bc6f98e34b39e3f031df654875

    SHA1

    1445d708736509a8af8f9818fc54118efafa839a

    SHA256

    875a7f1842f42eb0cdccbeb80d28d87bc2040f7eba8adad27280c4637dae9523

    SHA512

    f7a35a7901004968451636ecaa019d1e3e0f3f4d3fde2135ae29da8af9322782ba7ef7922ec10adff5ba057877f17c43bd512520ceaa524ed2e6544a918b349c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    75eab2f2bef59f98868a4a0c8aaf60e4

    SHA1

    c017e45dcc9ffb5d3cc1b702ce26256bb980ad15

    SHA256

    0e36c453eb2ebc6d209f67727568bd9617999ea40e2a345be61287e229c83feb

    SHA512

    9f137a81c3fb26fa6834d5413173e53a6f1729277c57af3843de733b8a7aed2a03940de71ef1e448db8c98790656b615ed4f66e2daa470ea40617c0fa3ac2ee6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    06571d83ebddc3301e1f17070d4fb3dc

    SHA1

    f24017f656150c43f127f02b0f5ba2564e318da7

    SHA256

    0992282250a8a3fb67683fde36f1e2c857d19a394cf6424dd6cdda2780f5601e

    SHA512

    f0c0d692cc908cc4be4cd82c669dedb11c7b59686e08ad7ce51f4636adc9f647fed2960f9d2fc11164712681376373555dc076859f8717434ce687138b95882a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    25b8518798975a44f90f08f0f29cac02

    SHA1

    cdd45bf271f3e8b5e1a5258006edbf502888d402

    SHA256

    83aa567b3b8adaec4b8b8fb77eb93b020494ba23e701462f6f02a7aad59ee6f4

    SHA512

    23edfd112dcfbec43ca21d436ef33ef6646c1a3d877831d3cf8edf92fae7589f51ea6c636518c4f4ae717fdbad8166cb33f5735c10a70c66476e01de53d21595

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1780e3babbf4169c738a3f77261494af

    SHA1

    f07d94290795a2620365361219f10e5ff863eae4

    SHA256

    622df68387b63fafd79b666de5aaff76b84447ccb092e4575ad0216e769f5ba1

    SHA512

    00483cf539bb772c64126331013b3bf3148c33ff487659556dbea727c6ef3cb8eebf25546bd961f60457b515c7dbc093eb39b0340709910cd22debf07c7464e2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    87cae1463e5eda23dcf39b1e137e53ab

    SHA1

    4173e64f5a7b2874ca7c4d3f6de53045da54a2cb

    SHA256

    9ed5ee266bfe8bb8a4c9974accc9c2bf02ee580a71b533a508a89a4b27e95451

    SHA512

    b279d1ff444ac1491d3b2f0efce6d29dae3e2881763d1b0e6fe21a582a46626a1a4f8418e43e840bdd188d16e0af09f4b64312cf00edb6d51cdd46fba081980c

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab5B6C.tmp
    Filesize

    61KB

    MD5

    f3441b8572aae8801c04f3060b550443

    SHA1

    4ef0a35436125d6821831ef36c28ffaf196cda15

    SHA256

    6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

    SHA512

    5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar5BBD.tmp
    Filesize

    163KB

    MD5

    9441737383d21192400eca82fda910ec

    SHA1

    725e0d606a4fc9ba44aa8ffde65bed15e65367e4

    SHA256

    bc3a6e84e41faeb57e7c21aa3b60c2a64777107009727c5b7c0ed8fe658909e5

    SHA512

    7608dd653a66cd364392a78d4711b48d1707768d36996e4d38871c6843b5714e1d7da4b4cc6db969e6000cfa182bcb74216ef6823d1063f036fc5c3413fb8dcf

    Download Submit