Overview

overview

4

Static

static

4

BINDInstall.exe

windows7-x64

1

BINDInstall.exe

windows10-2004-x64

1

Bv9ARM.ch01.html

windows7-x64

1

Bv9ARM.ch01.html

windows10-2004-x64

1

Bv9ARM.ch02.html

windows7-x64

1

Bv9ARM.ch02.html

windows10-2004-x64

1

Bv9ARM.ch03.html

windows7-x64

1

Bv9ARM.ch03.html

windows10-2004-x64

1

Bv9ARM.ch04.html

windows7-x64

1

Bv9ARM.ch04.html

windows10-2004-x64

1

Bv9ARM.ch05.html

windows7-x64

1

Bv9ARM.ch05.html

windows10-2004-x64

1

Bv9ARM.ch06.html

windows7-x64

1

Bv9ARM.ch06.html

windows10-2004-x64

1

Bv9ARM.ch07.html

windows7-x64

1

Bv9ARM.ch07.html

windows10-2004-x64

1

Bv9ARM.ch08.html

windows7-x64

1

Bv9ARM.ch08.html

windows10-2004-x64

1

Bv9ARM.ch09.html

windows7-x64

1

Bv9ARM.ch09.html

windows10-2004-x64

1

Bv9ARM.ch10.html

windows7-x64

1

Bv9ARM.ch10.html

windows10-2004-x64

1

Bv9ARM.ch11.html

windows7-x64

1

Bv9ARM.ch11.html

windows10-2004-x64

1

Bv9ARM.ch12.html

windows7-x64

1

Bv9ARM.ch12.html

windows10-2004-x64

1

Bv9ARM.ch13.html

windows7-x64

1

Bv9ARM.ch13.html

windows10-2004-x64

1

Bv9ARM.html

windows7-x64

1

Bv9ARM.html

windows10-2004-x64

1

Bv9ARM.pdf

windows7-x64

1

Bv9ARM.pdf

windows10-2004-x64

1

Analysis

  • max time kernel
    122s
  • max time network
    138s
  • platform
    windows7_x64
  • resource
    win7-20231020-en
  • resource tags

    arch:x64arch:x86image:win7-20231020-enlocale:en-usos:windows7-x64system
  • submitted
    07-11-2023 14:43

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Bv9ARM.ch10.html

  • Size

    7KB

  • MD5

    db56655216d83a6a93f9af13656fce96

  • SHA1

    48476d6b9d9fbbb2e3c649c0bb3097150d065af9

  • SHA256

    432b08d094723e74b691197b5b6dde99b4fd8deda82ea3e2a09df7b38834b326

  • SHA512

    d9a83eabcdb235d3c0380eb6a6c8c63a8e51b2ffbcc89fc27f5eb549b5ea358b17acb5d2d686e4453209f05bc8b743fa53ddf5db5d5343468bbbadf5b2aa9b92

  • SSDEEP

    192:nyvOHm4cNSDZF/qxYY5B8nJ6SLEeV+3z/+dd/:nyvOGrYfqx4U3S9

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\Bv9ARM.ch10.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2068
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2068 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1280

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    17c3330bd0df8cbcf3087445efe165e6

    SHA1

    9b2e4b3e0208222c26c52c3940bb1f74ef55d741

    SHA256

    4174da4195707597396315ea229e8d3b4aade992a21cf0df708f1bad40c95ff9

    SHA512

    2161c574430af1af0ad89d9f1b1d4e2fb97289473cc60d4e44c5f10c90197db67cb9858de09ba4c1d8223ecffd0988a54293af873815c78e38dd6561203bba09

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    bd536d8bf76452631e6e79946bb58212

    SHA1

    60626a69d6bac86fa36021b38e8473d09aca0279

    SHA256

    900c772372af03578337069c774cf7a1379ab2e8f3c05a55bcd27022b3aefd3b

    SHA512

    e9f8db6a2c0bedeeb2e9ecd1f1d0ee1eb63db999dd1c4d556965fe65c8133bb9b8bf48336c143c1439b90f02617fc7b1c6191b4cc899049df643ac67c9ab15d7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    bb1c8092d258b6ddcf2acbf706cb74c8

    SHA1

    cb7d6007e1ed634db102185a14ac1987ecfe2344

    SHA256

    6159ba75aeefedef55bdd4eb084c3920fdfbd1f164d18d48d2e20abe4f7764fb

    SHA512

    317f4913e45a8e011908734d86026a9bceeb6142caeca74fed08b81ff0ac3ba3f16470b1e50ff462e8d70029766d5a0c4bd096f3ea9e838fc34af8eff0970753

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b014a9e7539e7ec5c13cf2094532ecc7

    SHA1

    22ca752669f7c49a9fd4020dd6c0cc1792bc688d

    SHA256

    0cd1cbed2bf229dd2f1fdcbdcac00a4b6e5648906fe92512b8d73427db10861a

    SHA512

    e3513674078dfec82d6a083239957bc26ed8bf770dffdded51900af97fb9f40c17e518aaf10ad26904da03fa844e062854d374d57ae9102e163ce40d6334f8cc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    bec9c604429f939375dddd33b332db62

    SHA1

    a2d5f7d6015962a15999242c3e0cc557c4e6d6fd

    SHA256

    1e1d8f3fb8b4ae258a1b5fe5e2a59d8499c47b4332a0efaefa6b5389dfa9827c

    SHA512

    fed10fa597be1c1feb1997a63878fc4f8c0530bcf61e9fb070df182b7a8ea4766944170d08b8fcba89e9b990b0961de15d502180c0b9566cce362e48c3df246b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ca375fee34ecb150bd1d4cecccf80ce1

    SHA1

    4051a32f5ee417e0dc87fb4e634a1b125d297899

    SHA256

    2f7d24dfe589ee3ba59edecb86789d6de73e3913d7f3950ba3acd7663b6fdea2

    SHA512

    96a15bebbc459cb02543846974fd7c296b13e86c5685981f78c941fe0749b24b127be3ac1897bf7be2a4dcbb8ccecd04dbaf9e1c8c88e5bc30ae642e8a79f43c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    eb78b5c27a55ea6db7d2014d95a02b93

    SHA1

    c4854c59af8572af51aae1fd3cdd8781e7400584

    SHA256

    4f2d0301ff79f32de78a7cf1be52aecf33db920cf5f612c5576f32c8a4b10241

    SHA512

    1cbcf8df0f362a3610b377c7675d1f4328fccf9c929f2fc5bf23fed5fb8a0eb6be0c9c50323a92211b3773e28c23866d2c0e97d10894389295d8b011229959c3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    0fe5be4344feec342792f83745e5fc0f

    SHA1

    4014c42ef3801f2df5e905ce55257388fe9a717f

    SHA256

    9e20b7ba38305a10a842f404c4eadbcf2c1ae6dd127f7735583e5f83f3dfaeb9

    SHA512

    a37a3556a9a809204b3c4f4d9c773764e97667aaedcc9ed13f8baaf2cd24e1839f431b918a85d32cda07b4356cad118ba764b95030069e8d5051b9aa6a671261

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    03b1ab18799a0938310683231624ffc6

    SHA1

    be2d4d789b29e995e77fd93df8e17f98ed49564b

    SHA256

    871548125dbf3d6050a86bd3281df08d4cab256398870c782a9e29f314c5d7a1

    SHA512

    6db49fac5598df709e0883fee1c811da83ed73bc537eb533fe088758e477c080bf1d1fddf44c1d160f981ee487e7f6cab18e8f9b526d16d865d8a0638f36c2e9

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabC3CF.tmp
    Filesize

    61KB

    MD5

    f3441b8572aae8801c04f3060b550443

    SHA1

    4ef0a35436125d6821831ef36c28ffaf196cda15

    SHA256

    6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

    SHA512

    5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarDB29.tmp
    Filesize

    163KB

    MD5

    9441737383d21192400eca82fda910ec

    SHA1

    725e0d606a4fc9ba44aa8ffde65bed15e65367e4

    SHA256

    bc3a6e84e41faeb57e7c21aa3b60c2a64777107009727c5b7c0ed8fe658909e5

    SHA512

    7608dd653a66cd364392a78d4711b48d1707768d36996e4d38871c6843b5714e1d7da4b4cc6db969e6000cfa182bcb74216ef6823d1063f036fc5c3413fb8dcf

    Download Submit