Overview

overview

4

Static

static

4

BINDInstall.exe

windows7-x64

1

BINDInstall.exe

windows10-2004-x64

1

Bv9ARM.ch01.html

windows7-x64

1

Bv9ARM.ch01.html

windows10-2004-x64

1

Bv9ARM.ch02.html

windows7-x64

1

Bv9ARM.ch02.html

windows10-2004-x64

1

Bv9ARM.ch03.html

windows7-x64

1

Bv9ARM.ch03.html

windows10-2004-x64

1

Bv9ARM.ch04.html

windows7-x64

1

Bv9ARM.ch04.html

windows10-2004-x64

1

Bv9ARM.ch05.html

windows7-x64

1

Bv9ARM.ch05.html

windows10-2004-x64

1

Bv9ARM.ch06.html

windows7-x64

1

Bv9ARM.ch06.html

windows10-2004-x64

1

Bv9ARM.ch07.html

windows7-x64

1

Bv9ARM.ch07.html

windows10-2004-x64

1

Bv9ARM.ch08.html

windows7-x64

1

Bv9ARM.ch08.html

windows10-2004-x64

1

Bv9ARM.ch09.html

windows7-x64

1

Bv9ARM.ch09.html

windows10-2004-x64

1

Bv9ARM.ch10.html

windows7-x64

1

Bv9ARM.ch10.html

windows10-2004-x64

1

Bv9ARM.html

windows7-x64

1

Bv9ARM.html

windows10-2004-x64

1

Bv9ARM.pdf

windows7-x64

1

Bv9ARM.pdf

windows10-2004-x64

1

CHANGES.vbs

windows7-x64

1

CHANGES.vbs

windows10-2004-x64

1

HISTORY.vbs

windows7-x64

1

HISTORY.vbs

windows10-2004-x64

1

arpaname.exe

windows7-x64

arpaname.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    274s
  • max time network
    320s
  • platform
    windows7_x64
  • resource
    win7-20231023-en
  • resource tags

    arch:x64arch:x86image:win7-20231023-enlocale:en-usos:windows7-x64system
  • submitted
    07/11/2023, 14:47

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Bv9ARM.ch06.html

  • Size

    519KB

  • MD5

    310907ce09dd22eefbb3a6fe35a35d56

  • SHA1

    70cd8248f76d5a8ae1ffbdc59fef5ad47c0bb2be

  • SHA256

    c5e83584286c80482e4c416e27093aa90b4103f3a779c73a578e7f5a84b4e4cb

  • SHA512

    f35bd55205e3968c8d6d8b271f4aea0ac9d8f99cadcc9fdcb865629b860b32895202b21992400fa1e36b75af4a30ce9a2eb211c0a8fda7b3db2fcb60d4614754

  • SSDEEP

    3072:Z0k/Qb3/JtEpHAkIRjMtMAfs9zMS77Jmt/5Sk/YVgpVpqVGCft5RP805v:Z0+qtEmkIthC5SPVGo5RP1v

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\Bv9ARM.ch06.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:3028
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:3028 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:3000

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    18191d10db2a9c1e41c44bfa71956abc

    SHA1

    376904501a6a83e0d819a6aa67124561b9248eb3

    SHA256

    a3c8a3afbc90657bcc96ff20fa1d38595fb5c7fbfa5f27d842c5125ba8584a10

    SHA512

    3f2f2c2549c789a840ef436cd425449644fceea5156b29a2e9db824fbc826e7a695b07d99fbce2d74a4cbdef950657cffde0fe043cd77998585d590ace5686ca

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ad259eafa5153a5530ab5805e4a0f0cc

    SHA1

    5f8fb8aff898ee63bb106d808fe0a67b7a89a1c9

    SHA256

    91ed350000276f3a11c3332c15ad97631dc93032f4c9dd8310366cae775bc643

    SHA512

    f9832b9fc885bf011d2e1c8964b8eeee861df648cce83b3c654988653f590fada21d8710971f5111cdaa88746dda824cdb6fb2fb23817436734c2ee6ab119f81

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    27cb98cf0446b34ecaa3a216b4bdf729

    SHA1

    6918af1604e2aacae27e6997c25655e25f6007ee

    SHA256

    7d01c9eff2d4989b1d76eead56c8fe1a1fdd152dc9c2004f6cfd5bc7592f6ace

    SHA512

    8b839794f1cb127688d41b2a07e5f5af70bc6a3dd87b222252a1a9fea04965c503fa0b4e8073b1a5e127901ef2f1b9a933e6ae9cb061a92c9c203f1c1e29b5b2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    3840309a70635e24dacaff602b256b97

    SHA1

    affd293b48e0934229d25278f1f07438eb476ee3

    SHA256

    95e3ebd1eaa23184090ce61bc560874c488a178506f67c09b38bb117999f624a

    SHA512

    5700f8b99cf883a6a59190fbaaf76370625f8dadefbcde83ce0ee6ffd8a8560926e0d3469a0c56a7dccc4b49ed5f92da0e906b58774f3dc34995d30e3f7e4fa7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f1667bc000942d19af891204fb334f9c

    SHA1

    8afe52722b94f53f25f270adf0b883fa515b453b

    SHA256

    7753e7438adb7dd19cec91a75424ed01357173ad659b8117fbcd2cc01ee3a7b5

    SHA512

    8bf82b89c4aabb85c95c9d318380532846ebb0c3f5ce2d628e44dc082d2df92cf968ca1383cb67790104fde06af7cdd524f5fdfb94014d02a774b21d267dbaca

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    25f3a7ecccb0ccc6c900f859890334a3

    SHA1

    b84e0c4f4c40174613c29d45ca0039d09b0cf75a

    SHA256

    5c6eef072e664470f1271e8dc051d05465de13c326d5839c2879b1dddee58c57

    SHA512

    00b4ccaace57e210ab4f1daa3b74bee09e2bdfa989ef27d78031efacafcddceb9d4979f412f0f7d3192452a4277bb27ce8e646f903c21b146dc74d5c11c70cba

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a66d768d1c0b47e1c4cf0233fa4592e9

    SHA1

    915b66ba3acea81ceedaee6361e832eb25d29483

    SHA256

    abeeb61fcc2c54639d4dff0084edc92122bf06ff285fb606601919ee7da02c45

    SHA512

    4226576080fd308e80b0397e4809df216d13bd500934e50f2618d8c57b84148871e7a71ae341f844d0c022cba9d09c0a07cc7ec9595df8b57cd1b4bebe620798

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    4dd509fb2e2279c93152c25492292793

    SHA1

    5d1956c3023b422dc4fbecd4a1d4c9453337a625

    SHA256

    13098134db33bc037b11cb5b688407279f39105c27c03ed08f86da969b06c927

    SHA512

    d4cfeaf023ca63e76b22b5f53b339195e6322a49dd207e3645bf6a1ff9304b86cf485d2dc795afae0fd3725ddad51eea33c8078b16d8f2c01a65b05c098b752d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    00de07a8fef46102de581be6b9f09447

    SHA1

    9d1ea131161e1f989b26b9746d9849a85b69c48c

    SHA256

    72d34dcf0d22f2c2de0a0da2353ea9d02ef50cb818142ee4a07720c07791afc9

    SHA512

    4fa042540da7d4ca9cc0f92ee26116ebe60cfa893d1968844c94ac7840ff28c482560bf4bcc122d4295622be0a2647069820b99222e6adff8446fcf270a0804e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    07fa0a4b15f3001c2cbf03b6df0b4c2b

    SHA1

    b5d26655b1eb8ee49985bb2e77b3c765fb1122ab

    SHA256

    eb8847dfff62e7f4b595e73feab7437032a767b0affe1c9cf967749f40ed8092

    SHA512

    4736c50b9e3060f208933e5216a1de3daee4fe6c9772dafe70e760ca60e9e2a75454a27443cd36b2af068f57313ee3cfdab97ea37195ca137b2ac2c172108840

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    5ec61c67acd8909e50238024cb03454d

    SHA1

    6e45a91ddb09413b9ec4b78bbbeb130fcad54c55

    SHA256

    dc7af12fb246dc7eaac112b5c3a4c15e0520cae06acba3b02fb18aaf086a03e2

    SHA512

    798b04b758fda555175c08e0bf0f4f87a0325db7fee6ebc20f0267446d054c3da7c4ef608b550deb95a74e3a4228419c09e45c49b38a5cd2e37466ae21bf6373

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    da88293f135703846b448a10b29daaa9

    SHA1

    bb7c617c5eb2c14b016ded4094004ba8a17d167e

    SHA256

    5733e710ad1704cb459fcbb7e2757db35a9f17b491358d553cd1c1e8718c4790

    SHA512

    94dbdeafd825f6a5e1cd5214c2bbe4a7bf99017c99bcd490bd7b804cc9a26ade29a820f3a596d254506556b31da914f4902038e66d426061629aac389d8e9b3f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    37f844423c493b5b2d02b7de26cc84a2

    SHA1

    a26365299e70fd08c1508ea6647ecb2d95407bde

    SHA256

    13ba6d05ed2f218e2afd4eabf774f30f1412b521c2fffa7221cf5c8523215d4e

    SHA512

    4cac661be11d626a0c06af0c9208f8e655f9e6e2d98d153bb42ab3d604ad2305d1b69232faaa0aecde8981d8cd4ed504c4e23386d7a0e34695a2ba69554694f2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    9a66687669ecddcadb1d666d61e446c1

    SHA1

    434b43ec4439b80552c6fdefc142a0c85b9236d9

    SHA256

    231c7bc1a00e25297fd0152b0edfebcd0c03faa254c35bcbffff6f7ecbdaef35

    SHA512

    39a0be933cbc68a63bd07666cf4f78bb740e80d777e465504e1f6e82aa7b53fdbaa64f22b4a449404690d6a70ca2315c40ca667dfcecfc623f00948bf3d735c4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    7bfdef2a1d7bffc02866b7b56bd57849

    SHA1

    85ac397edb26828f5ad13c1bd9aff696ebce0d5d

    SHA256

    e54062edea9b0dea3a0bd375550fb57ec56698afc063cb978b2d2927c55c62d3

    SHA512

    b6ef9a5cb96193e7c8541852fc5a78fbaf26b3f2f7c1f85e79c515e0868d271bcf65ac7747ef027de527ce4a60f172174dd80ee531d66869598f62d8f7dcd895

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    11887ab35c95e8ae43d1f6fe41c6c195

    SHA1

    0c04131ab7fdc0808f277f04c5efa03f67bd5380

    SHA256

    49a0b03611173fa79c8f6e3143f420299c23360c4e4cc987db2cb528dec76ac3

    SHA512

    a6727a28ebb973eff1465488f5671955572f78c9b321c59863f8332f40a588a64da4eb4a01e6a62d9a69ee6b708c7f48d4d15f71cb618c61dc68865000883b49

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    0c3d5216740bc01621a99a10faceaea8

    SHA1

    224743b40d685eb89af73edec1bc176f23154dc2

    SHA256

    0a8b360a1fe0cc49503e255fc0b1af3fec148c7960f8c4650319bab88aa99701

    SHA512

    c734821bbab995573906084ba1a51c43b805028a23b0d89d96779bf3ed6ed47ed9ecbdec4ac301980f09f46537d8713d244fd5b4590ddd3b4db4844e81b34e9b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    582d3980a26d3c82c4511538e89f8556

    SHA1

    5d93699ed931d3c9385b7007ed3f198c5c8a9309

    SHA256

    b9249cc335a5777cf3d57b8c546dfc801b8d4c11baec1e28cdebe1f43b6bbbed

    SHA512

    62bd1e573807374b10c32bb32e8f3cdcaf82faf16e5cfd196357612323bbcb5360d4037970d5888fc705fa8b4dec689e5dd13e138bf2a5a1dc31b211e74b8b17

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    7da4f3db61f2cc56b6a466569af5e50c

    SHA1

    f71a27117e40928b50e665e67cdac150966653f1

    SHA256

    ce9145055bb2331438d7518d3cc2a805f41d8fc23cec2bcc5f3b21541fa647a4

    SHA512

    8e077776873ea96b696f38e70a52957c674493b3421a694b448ce19e74f5c7712f2f729d3d0566ba8688999769dd2e64680e53e7a3586d7c28e6b76f7d8343fb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    9370ec9923489505156bcb26b565e6bf

    SHA1

    cb9c27b62fc913010c1b33f8e8fb075115d8f072

    SHA256

    29549bc4ec84aa8dd951668ca0b2b7c2a831a9cd0c54f14066831f37f7617382

    SHA512

    7456a0405123bd11ae47e87a98f788f201224e968d1edb5853ff8a44ba77228365c3c6e5ac94b94a8f8d67d427fcb063549ccb1424b91e98e7f50cc0b0fb7fdb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    dfe67d73de500be86ead0ac0c073530f

    SHA1

    ddf257b92bd91ba5e4d9a9430c7d0fdece8fe8ae

    SHA256

    e118d9e6ae56059bdbe87702eeedcb72648c14dab0081712d4b849367987e620

    SHA512

    7d5d8c4fb60cec76efec5219cb9d569596a77a868aecd890a7efbfcfd0fba8016e3666021352b238bb306898a2f8f2281070928cbff3fe444f6ba6bce5e45c55

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab98C9.tmp
    Filesize

    61KB

    MD5

    f3441b8572aae8801c04f3060b550443

    SHA1

    4ef0a35436125d6821831ef36c28ffaf196cda15

    SHA256

    6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

    SHA512

    5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar99B6.tmp
    Filesize

    163KB

    MD5

    9441737383d21192400eca82fda910ec

    SHA1

    725e0d606a4fc9ba44aa8ffde65bed15e65367e4

    SHA256

    bc3a6e84e41faeb57e7c21aa3b60c2a64777107009727c5b7c0ed8fe658909e5

    SHA512

    7608dd653a66cd364392a78d4711b48d1707768d36996e4d38871c6843b5714e1d7da4b4cc6db969e6000cfa182bcb74216ef6823d1063f036fc5c3413fb8dcf

    Download Submit