Overview

overview

4

Static

static

4

BINDInstall.exe

windows7-x64

1

BINDInstall.exe

windows10-2004-x64

1

Bv9ARM.ch01.html

windows7-x64

1

Bv9ARM.ch01.html

windows10-2004-x64

1

Bv9ARM.ch02.html

windows7-x64

1

Bv9ARM.ch02.html

windows10-2004-x64

1

Bv9ARM.ch03.html

windows7-x64

1

Bv9ARM.ch03.html

windows10-2004-x64

1

Bv9ARM.ch04.html

windows7-x64

1

Bv9ARM.ch04.html

windows10-2004-x64

1

Bv9ARM.ch05.html

windows7-x64

1

Bv9ARM.ch05.html

windows10-2004-x64

1

Bv9ARM.ch06.html

windows7-x64

1

Bv9ARM.ch06.html

windows10-2004-x64

1

Bv9ARM.ch07.html

windows7-x64

1

Bv9ARM.ch07.html

windows10-2004-x64

1

Bv9ARM.ch08.html

windows7-x64

1

Bv9ARM.ch08.html

windows10-2004-x64

1

Bv9ARM.ch09.html

windows7-x64

1

Bv9ARM.ch09.html

windows10-2004-x64

1

Bv9ARM.ch10.html

windows7-x64

1

Bv9ARM.ch10.html

windows10-2004-x64

1

Bv9ARM.ch11.html

windows7-x64

1

Bv9ARM.ch11.html

windows10-2004-x64

1

Bv9ARM.ch12.html

windows7-x64

1

Bv9ARM.ch12.html

windows10-2004-x64

1

Bv9ARM.ch13.html

windows7-x64

1

Bv9ARM.ch13.html

windows10-2004-x64

1

Bv9ARM.html

windows7-x64

1

Bv9ARM.html

windows10-2004-x64

1

Bv9ARM.pdf

windows7-x64

1

Bv9ARM.pdf

windows10-2004-x64

1

Analysis

  • max time kernel
    134s
  • max time network
    140s
  • platform
    windows7_x64
  • resource
    win7-20231023-en
  • resource tags

    arch:x64arch:x86image:win7-20231023-enlocale:en-usos:windows7-x64system
  • submitted
    07-11-2023 14:43

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Bv9ARM.ch02.html

  • Size

    7KB

  • MD5

    9e2471d4ab12f3da9a08a8b2947ddc5d

  • SHA1

    80fde91ed6c54b0698ad70c3cb9ad7e085964bdc

  • SHA256

    946aaaf139c58eb4def1cb9a91533750e6da90c7f920f75206b0605f6b05e546

  • SHA512

    a6207228a717d32d6f7ebcc6115321703dcb3cfb62f35efe953867c244c35a02b4efc7f83cb4b42e7806db7361df6b1e65dba5b400c4e271ca101f30222103a5

  • SSDEEP

    192:nyvOHJQlNSgqkDqjc+EmmGDdrvvI16vU2UMzl/EHzTR4nV3IuFm/:nyvOpAYjvLdnUm5O

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\Bv9ARM.ch02.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1696
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1696 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1704

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    94a9b77474ba2787c51cbe76f6d7a53e

    SHA1

    ce2d0ef2873a21d2f45f0bda04460848a310fa1f

    SHA256

    e8aa058c08ad81c40c8f26b6c45888a083a598b53b024ec0b3ad150fc5ae60d4

    SHA512

    bd6a91c120e50919bfdde2bfa5cecbe9fec208b4613214469e597786e214d42cb25cdef2dbf0b212f9db41ff023db3d3b2f6dcd5fcdf6d7f986a158bda396200

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c193c50dbdf10a73a8e1237eb6daa9aa

    SHA1

    e3b96da3304890077693935ae50b9dffa99e8f1c

    SHA256

    475312648b5c0e20ea71c0bc550efebef470eab36d957bdd57ef9679170798ab

    SHA512

    e07e6007445d94b92bb2d47d43159ba9151f38b4a86a5646001c128c5368e809cd9d3705093f8442f8e62bcc2f5c503458f6456731aee036bec2a8414fa06683

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    4bdf6c7fa1cae5de65f79b0ce455cb1d

    SHA1

    852fd1858f0447780baf18263a0a040c578aaf66

    SHA256

    87f12c78099c3dc26f4017d5224cc76d25f106856d015d995296888f90489aa6

    SHA512

    146a7871e420536ce734b897383c033eb7cc61a6cd84255fc195bf8ebc266dec07b4252f75e421a8a01a6c3671712c00364aa465f3b04d110f09f7d4e310ab80

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    6a7f4941ef8283e9206cc053a8183f2f

    SHA1

    cd26a2a0eb8b1afe4959b6ad82817d73c944650a

    SHA256

    d7b3f0085f0fd73e0dc9c85df624872b5661b2e38a5a15a1459a7a4ab8241dab

    SHA512

    152aa87cfc08a22e0e9b8eb0d672561e4c3c67ca0dcfbf36fda136970190df628dbbd8e064cdcead847e6390f81fcd81e095838e49c4f9cc9a02283c7055df33

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    6a6d4b0b41d0583b5431e69ccbca326a

    SHA1

    c1b307d52b8b1b3781f1879ff41eb0bab789a772

    SHA256

    791395ae4c87513325591aa86d5a85389481373690bc1e044a37cc27f6dbf193

    SHA512

    056b6f582a1517293ed9d0ded8bab6c46d5c3bb973de94a77cde2a29c7eafe5fdcd1230807db82b9733eb0c78ba363930137d86a9445e37d71315341e8b35a3c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ebe4e364f74bd62914a964f977539052

    SHA1

    9294f2737fc499c646e3329f3410ec0f1223904f

    SHA256

    28e585fffee10ecf50ed606e91f8a64b63694f4f85943ec7d0c59e2fd5df973a

    SHA512

    b9701984f92d4d5772ad9c58e318d6dffeea037b6a06c8299c7797cda764d990e2295a6a6d636562a9fbc056ef8a0b027cb4f1a70ff0428c7039bfa2e67d59c2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b12f7286756c617e8eb4637482dbdc8b

    SHA1

    52c779da1b456b2ec09aad0f907328737d2f2e97

    SHA256

    25697ffbf5346b2079ffbb4acd013c7eb3e4a6a4ab77ac695c255046318691f5

    SHA512

    273bacb07c291bbc14d1dfc6517d8cb2e35b39a65f769bc429c5ef6c0ad0ffdf6b16d731b47bb1b2826dff5ed0813408f6d423b05073dd0778c495b553d31cc5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f461708ce05aa1ee3c88e4464512f268

    SHA1

    d8eac7d7230c0169c48082d3ef45756d9b931492

    SHA256

    e174703651440265012a2a9da869bdee44bdb436552c128ecbee631a1b906ce4

    SHA512

    e6c820faa08681b05f8e4ee1fb8c9ee51bb1c74662203a7d98c51321c9d92ddcba07e3d5a9c3965141d5b75bedec59438961329e103d70950b1341d076c4ce89

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    41b073d5e3c6cb36063672400955c3ff

    SHA1

    43bf86a6d14bc4e122bd849c238ed14bad9d8dc8

    SHA256

    e79a1fdaee882b9eb27c19116b07ed122dad329a916037f7cb41920c0375cc48

    SHA512

    70de092214cf7805495b041e0c615ab4de3df73c4743b4ea11957d4585b2351fa8f88c32cb2c536b6db65460a39bd125adc6077a2bb885d636499313faedc511

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ed16893f51f718509df115e2e2ecc06f

    SHA1

    370d3a65e2acfd17d9fc267bf3c177bdf765252f

    SHA256

    2ca55f1b5dd48352c89e2cf2901f0340699fcbb225fdd1e593d07514c2c76221

    SHA512

    c7861945064ac630848d9c00523a5c8955c9e24189e9007fc33429c86ece1578e63eca5da50d760e893797de348652f0312f3f93146759335b8178c9098074e6

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab915A.tmp
    Filesize

    61KB

    MD5

    f3441b8572aae8801c04f3060b550443

    SHA1

    4ef0a35436125d6821831ef36c28ffaf196cda15

    SHA256

    6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

    SHA512

    5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar917C.tmp
    Filesize

    163KB

    MD5

    9441737383d21192400eca82fda910ec

    SHA1

    725e0d606a4fc9ba44aa8ffde65bed15e65367e4

    SHA256

    bc3a6e84e41faeb57e7c21aa3b60c2a64777107009727c5b7c0ed8fe658909e5

    SHA512

    7608dd653a66cd364392a78d4711b48d1707768d36996e4d38871c6843b5714e1d7da4b4cc6db969e6000cfa182bcb74216ef6823d1063f036fc5c3413fb8dcf

    Download Submit