Overview

overview

4

Static

static

4

BINDInstall.exe

windows7-x64

1

BINDInstall.exe

windows10-2004-x64

1

Bv9ARM.ch01.html

windows7-x64

1

Bv9ARM.ch01.html

windows10-2004-x64

1

Bv9ARM.ch02.html

windows7-x64

1

Bv9ARM.ch02.html

windows10-2004-x64

1

Bv9ARM.ch03.html

windows7-x64

1

Bv9ARM.ch03.html

windows10-2004-x64

1

Bv9ARM.ch04.html

windows7-x64

1

Bv9ARM.ch04.html

windows10-2004-x64

1

Bv9ARM.ch05.html

windows7-x64

1

Bv9ARM.ch05.html

windows10-2004-x64

1

Bv9ARM.ch06.html

windows7-x64

1

Bv9ARM.ch06.html

windows10-2004-x64

1

Bv9ARM.ch07.html

windows7-x64

1

Bv9ARM.ch07.html

windows10-2004-x64

1

Bv9ARM.ch08.html

windows7-x64

1

Bv9ARM.ch08.html

windows10-2004-x64

1

Bv9ARM.ch09.html

windows7-x64

1

Bv9ARM.ch09.html

windows10-2004-x64

1

Bv9ARM.ch10.html

windows7-x64

1

Bv9ARM.ch10.html

windows10-2004-x64

1

Bv9ARM.html

windows7-x64

1

Bv9ARM.html

windows10-2004-x64

1

Bv9ARM.pdf

windows7-x64

1

Bv9ARM.pdf

windows10-2004-x64

1

CHANGES.vbs

windows7-x64

1

CHANGES.vbs

windows10-2004-x64

1

HISTORY.vbs

windows7-x64

1

HISTORY.vbs

windows10-2004-x64

1

arpaname.exe

windows7-x64

arpaname.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    135s
  • max time network
    140s
  • platform
    windows7_x64
  • resource
    win7-20231023-en
  • resource tags

    arch:x64arch:x86image:win7-20231023-enlocale:en-usos:windows7-x64system
  • submitted
    07/11/2023, 14:47

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Bv9ARM.ch07.html

  • Size

    11KB

  • MD5

    ab8c7890d9d25db2255446ba06e80103

  • SHA1

    42785973cd35c07306e01cbf00ad9c350b58f397

  • SHA256

    855ad9d24bc7658c1b064b25740415d57b1efff9830938a7421cb9bca3ba3f24

  • SHA512

    6eed9dcc887825e1d46c88ca249681c0487efea9a2b04c0bc613979a016d48552a564b8fff11298f3c3c0eccabf5674d8da1d5c4b6d51e3ae48c3a549466692f

  • SSDEEP

    192:ZyvOHk1FNSMuoTzhbOTtsor14k9h6B37rK9h10PkmP+YCBF0:ZyvOErYOUtsoZU8OPqm

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\Bv9ARM.ch07.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1696
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1696 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2056

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f245fa571afeaa5b3f92450f92038b52

    SHA1

    854e5d8cba24193491363ac44c7195ae187fc9de

    SHA256

    a1cd70344fcc1fcff4546163461c40e3209d048c4f2e8a1e911d316f4bb997bb

    SHA512

    67359a43ba83cd847f941e458b633c5791ee9b27a62fca55951cb7c5adab296cbdb82fa06dda839bffc954bdd9f896845834e4a1264b3c3ce8d98bf1416b4fbe

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    8fce131e3532961d3e8ec6aa5a68bbb5

    SHA1

    0dd96eced5d9e104fccf5ce23337257d1d2e3778

    SHA256

    0f04b388d74a4ace27d6a050eba3b8722ce5cfe894a4735dc7f4a0beffa52b7f

    SHA512

    c951b188950ef2c7e1af61e24d936a1f01a5267c34f329e57b5b9912e1d7e395de043b87a72a069527e728e20c110c42d0041d1928116a8bf1157e4ca1acebef

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    0f94142f4e31736d37e6f241287f85b5

    SHA1

    7e7a946bc2982468fc9a4015d6c8e21bf9e16382

    SHA256

    41e7f0aa7d3d86f1b61d92dc8fd2954872bb7ec5a54b449237cee5c3ae386d86

    SHA512

    6e055c5a9be9c6db7f44107ca8be9e8e69745ca30888d3eff42bdd388caaa255b1f2fddbb63a839d19a478c27671305cd368060a473c5b0d2f3d17e27ce24751

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    bbe1ea030bc50d5d0380c5558666338a

    SHA1

    77ea5b73a141a8ae9a627b7bbf9b875dc37466b6

    SHA256

    daacd6345e7eee89baf8abe5663707bec1ea0b1f167e5f1cfb7e60704247b746

    SHA512

    7d72de651f8146413cc0114d6df23610e8f56a045235027fb969e58aed5cb2a3e4d3d0a54692a153fe2fa78b66dfb0a56f9ccce9d1a581aba97e671f14931e44

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    3ccf623c1677a70a98072b85f0e9b026

    SHA1

    9abe81c4a2c9fdbfee9a7d9fce385297d7a72fa0

    SHA256

    2f9064a5f1072d822c6651fe65e0980af77d201f57c7515dc650b21725cb9501

    SHA512

    12d44207b91a68991a1be586b9ea9bf46cc05540a646cd871bf950326adac8615c190a807316784c254d7c13b5a9cee5621b5c0d141a61747d98963c810ed1ca

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    800b93af602ea67c31f3089024d085fe

    SHA1

    8806a0cf434530904d8a39c79586934549267952

    SHA256

    e9e38481523730c6ef391ca7d41875b71c34613fe1c8cd8c109655a7f8ff1c68

    SHA512

    c5a24dfb27ad022a8c51748214d98921e4f0e99ddb6974e6b4fb0902ea0ff5f67bae14051ba34486656cac0be15a9e6ec5467982b08352d8c1f042e96494178f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ab5e7c781fd45c009a33198019112c5b

    SHA1

    4b9f284ed0187b77c393a26e3d7cd030c367ab4a

    SHA256

    9b13b2ff14ad7ed52198af6baf01fe8cc5b791d802ec95d8231fc748ae947431

    SHA512

    fc1e9c4494a5c946bc5518fc3322ad6d98c0b308cf2b201fc7155c232d2e473677004aa4c335164d608b5634118cfd45b92ee131e69c75aa2728f382dfbf93b5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    7fdc59b4e26307b1911f789a2f809c62

    SHA1

    36e595823622449d48a0259889104a6f1b0faa2f

    SHA256

    243f4cfce3d8ba7ca3be1b5588e36543dd9837df6c81ff2ec576fe857099d90f

    SHA512

    7a89b75b21159b884c92d98c32ad82d7954327f12c4464cc474a8b73bb87e2a7a2cd10ecf2bcab83938e3627018a99d9a3f6fe7e2d956908a76c12a8693b0434

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    74638f0ab53f2611963e5783efa5fe6f

    SHA1

    06f77eb07a54859094de5118b94cf00a49e1c69d

    SHA256

    3cbe3c36c0915a61d2ae7fe06731a8e69889d3479500f89a7c2d68819759aa2d

    SHA512

    3d190c3060da875121011ce9781c14a79a107febf020e2ee68f6585b5d77c6637651b0a3aba20af92cb09591f24510e9f0cbe1ead46a6932c7c02128696e4aa9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a915527b38bec2338005938c8a6daff8

    SHA1

    5af91cd533353f81b28e40074073031c3b2b292b

    SHA256

    06bf3f6a303f2502d9bcd8cab1e1ce93d4270e320029ab2bc57dac205e5087b9

    SHA512

    cbe03f4ca0225096380ef48ec93f36a1051da5b83d737a391c25611399deec5d59b82ff6bee1509e087a13b436adc429fe3d717e19d7cb702a916001fa714a03

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    96882597a32de4ddc0d53236be428d33

    SHA1

    1d405c672be3ac44a9c606b2bea24b312e95cdcb

    SHA256

    7fabffdf40c5d6e54325f762807f2d4d053b2a3e510c01d902ba7e2290c73721

    SHA512

    0656b9a65374f3d40b8aeca02e832934d6fb83ac0076efc0fc8a5c6206c23279f7a0b28bd742790ed9394c5aa4479ff8689f3faab685e053c3d3f059f67889e1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    57d393e9c2cb28f93efb50563672aed4

    SHA1

    f5bd3a5f35ffd375be49c56972fdb9a0c997501f

    SHA256

    35869c64cbc42581933ad25438448d95bde1092d9d3eb86ca44c94a76a07e885

    SHA512

    ddb0f6573e8a3a809e5ed1a97b3f79f291ec1b1196503d4a198b4b3b14744e185b2bbc7ad9723d668dfb50a9e0e05da6bb3c33bd5f45c568ceea3306465c6d7c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    9adaeddf8b6718f81578f86c1d68a514

    SHA1

    0d61a4f2d5de2f9a6e0d8b32742b0a3d7ea2fd51

    SHA256

    fa099780685c94945a62d37dbae42621c780d91bf18e6fd09d091ac7e2b6e050

    SHA512

    73bcc197c72bc504e8e155a0a2723bd15315f0e05f200604171cf7431ccae543b9cbf153abdc12ea7bb90bb12a8b57db3520ea33b23b504878f52d34410951b5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    2c79dbdc8d0e668701f50099ea4100f5

    SHA1

    ed1c55257d53c8e8ad1ef66e2d2fd5f3bd472498

    SHA256

    0eb69309b77b3c2a06527e276ae9e2e9482268d03ad72daa4fef833495c68c4a

    SHA512

    01069f1bfa79370ea1abcbcbcf87fc2074c2a02a74e45481144d004f3d2bd0d662d04bbf2c3dc1d8c3d05ff46c5fba582216601eec0d2116b0430a1cbcecc556

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    99ef2ec89f3531841a1a43f559bc5886

    SHA1

    69ee15c21976b55230146b2c8f702dc6f416a6fa

    SHA256

    e9d85997fd83404d1237f83cf8ce5a57e549c45aa1136cfbfba6064aa4b259e0

    SHA512

    bf729068ed7ab0e38789ed219739e0dee6a6951f55529567c3894bb0c7288796e19530af8492f67c632d73f560e5e15a2266caf31ec14b0addc7ab223d7ed580

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    83c8cb6c5d5214eb39778c986f7cf3cc

    SHA1

    ffbd3f89cad9a0c2d78edcbe3dc1051a395032d3

    SHA256

    bd905d1a1a316e738f502e22e8cd8238d8393974e32c67e163f92a49a25b3202

    SHA512

    73ae7c3ccd1e5e203ddd909cb132680fcfa87e4aa31a64071998000fd88a97727bdef799480b03c83e25d9b78b77178e31ffe4f132865f85e94fbb647bf41bea

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d89f2e3f197c44ac71a6f7256183a9bc

    SHA1

    f12f6b02dc593439acca8dddb0d1ca5b8465b94e

    SHA256

    d95ac8c7a369e2eb4148a5f7c05d24d2fb2886a9bc52719a7cfa0b5f224b1bbb

    SHA512

    959ee40f01c80c3b85f489dc5e1a333ace0b7df89d04d13972627ba8669fdede066e76177074200748b8856f30f9956e95e9393957dcf02e32c26cd060146422

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    eb75997fbceab6ba41dd18d14dd22316

    SHA1

    5afdbe8752f9de68e0cfdf927d8877661a9207e8

    SHA256

    b6df0f6c9bb3f77193cd1435daa9212cb0adc39595cd6412a9dc38cb1d244845

    SHA512

    d41f17bae548b57729a86560f9d9dc94856bb39de7f45900d6720a83fbc3444005eb9376f0ff04ded168c5741cd4a04ea709754e2d776efc6c42cbcc23f6e4ae

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab8CB6.tmp
    Filesize

    61KB

    MD5

    f3441b8572aae8801c04f3060b550443

    SHA1

    4ef0a35436125d6821831ef36c28ffaf196cda15

    SHA256

    6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

    SHA512

    5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar8D69.tmp
    Filesize

    163KB

    MD5

    9441737383d21192400eca82fda910ec

    SHA1

    725e0d606a4fc9ba44aa8ffde65bed15e65367e4

    SHA256

    bc3a6e84e41faeb57e7c21aa3b60c2a64777107009727c5b7c0ed8fe658909e5

    SHA512

    7608dd653a66cd364392a78d4711b48d1707768d36996e4d38871c6843b5714e1d7da4b4cc6db969e6000cfa182bcb74216ef6823d1063f036fc5c3413fb8dcf

    Download Submit