Overview

overview

4

Static

static

4

BINDInstall.exe

windows7-x64

1

BINDInstall.exe

windows10-2004-x64

1

Bv9ARM.ch01.html

windows7-x64

1

Bv9ARM.ch01.html

windows10-2004-x64

1

Bv9ARM.ch02.html

windows7-x64

1

Bv9ARM.ch02.html

windows10-2004-x64

1

Bv9ARM.ch03.html

windows7-x64

1

Bv9ARM.ch03.html

windows10-2004-x64

1

Bv9ARM.ch04.html

windows7-x64

1

Bv9ARM.ch04.html

windows10-2004-x64

1

Bv9ARM.ch05.html

windows7-x64

1

Bv9ARM.ch05.html

windows10-2004-x64

1

Bv9ARM.ch06.html

windows7-x64

1

Bv9ARM.ch06.html

windows10-2004-x64

1

Bv9ARM.ch07.html

windows7-x64

1

Bv9ARM.ch07.html

windows10-2004-x64

1

Bv9ARM.ch08.html

windows7-x64

1

Bv9ARM.ch08.html

windows10-2004-x64

1

Bv9ARM.ch09.html

windows7-x64

1

Bv9ARM.ch09.html

windows10-2004-x64

1

Bv9ARM.ch10.html

windows7-x64

1

Bv9ARM.ch10.html

windows10-2004-x64

1

Bv9ARM.html

windows7-x64

1

Bv9ARM.html

windows10-2004-x64

1

Bv9ARM.pdf

windows7-x64

1

Bv9ARM.pdf

windows10-2004-x64

1

CHANGES.vbs

windows7-x64

1

CHANGES.vbs

windows10-2004-x64

1

HISTORY.vbs

windows7-x64

1

HISTORY.vbs

windows10-2004-x64

1

arpaname.exe

windows7-x64

arpaname.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    119s
  • max time network
    169s
  • platform
    windows7_x64
  • resource
    win7-20231025-en
  • resource tags

    arch:x64arch:x86image:win7-20231025-enlocale:en-usos:windows7-x64system
  • submitted
    07/11/2023, 14:47

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Bv9ARM.ch10.html

  • Size

    6KB

  • MD5

    6d9ceb28e80ac4264036b29898ba5fb0

  • SHA1

    f1f4e378fe67d1109ea6cf88e9dd2cf3e41ba8dd

  • SHA256

    4bf8864fa0ae8121097333a21e04f7735a5302f617b1c93027a41cc8362ddff7

  • SHA512

    1c0629c52ff084b6548f3956fd5e347257e20295feaff8281ba52a13f3fd273a33998189f9f4cd5b0c6e15fa6466e24011312e7ff73681c806fbec4d02ccfb6e

  • SSDEEP

    96:ZBAvOHe5T50VV2yNaLgAAKyfdytI4gYI7XJ21JUC/byKD+qmWzrzbKpmAbsdgaw3:ZyvOH5OyNS28to21tDHaHPTy0

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\Bv9ARM.ch10.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1800
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1800 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2860

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    9e02ccc2d9bfc1860d7a5221f710f814

    SHA1

    c29ec88984e6e22b0aa87836e46b5dd19ee31708

    SHA256

    f2d7fe47f0bf73056bbe09dd76ff2a0aa48572d89f80dfc5c51495137b8848d1

    SHA512

    100ffc208e2af4aa9df675607ab379dd07b59a07d5951ee18db91269ee9fa82bcf92545cb61f17f98f45f572f4feb36b9fa9c33a47fa75c14de0b6519718d501

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    482bc71e18422e61a00d17e45c917d72

    SHA1

    c599e03b49b1dce20b7a4f3d9546f3de4602dd9b

    SHA256

    62d614019984ba7b3174eeadbafee2cb596934d8604816199706b172ffd59f6c

    SHA512

    b535156db94015628a0a8ed0d204403e66bfd75fd19f9839d24621a4b341007bf273a2f5ce6831196c7c449a29913b06226dfff036d9bf0d683388ce0893001a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    eff530dc08f0e6371b3c02bde1f6e5e1

    SHA1

    ccf8245788ad80027cdd0deaddb3066dd9649bcf

    SHA256

    35cbf120c127e72c63a6775145714328081e26e582e1c472c23d91863c537a71

    SHA512

    ddd812774778dd45f6652c20c7d0cd5e840355e0e54c5d30d38d54552cbf866819d6cca89a10b49d381257c2b468e02ad8036f31e71d605d9b6bc1eb227ef67f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e11ca7ffd353424c52d1a6ec5cca4ce1

    SHA1

    fd470d3394298852bae6a660cac45408265ab20b

    SHA256

    210b2126f0d9a62fdbd76b07f3010a3af9a9334566b52607dfd72e86fe110bed

    SHA512

    d3f05ff0831106ddbbc4bc9112561dbed535d0d2910d1c40becf9674edeb810b545e1aa2feaecbe0baf04b111d5f135fc6f33999c669e907447d307277da05fd

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    247485b389beab3844d61dd6b8ba4ed1

    SHA1

    240741006c045b879df02d4122e1a96dff221969

    SHA256

    e3722461f967f8285d01760e318b60d99a9682ea35e075c3c122c3143079bf2e

    SHA512

    bb92688c7ecaff9e6bdbad7908dc345a333d39dcd529233c3d3335ee53ba64bce9fe421b2ed404228158526e1c77adccc520fc1820924d1a1a49828b6bbd57a4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    834a89f44a22744ac0dc7253563096f5

    SHA1

    3ed59802243e0406e4e4aab5717bf97133f4eeb7

    SHA256

    af859e1d03daa23347f5179392e550bcc8c935e612633b2ee4d47f98a540ad7d

    SHA512

    dfc4354fe39a9b2cd217d8d204d6019add4554cb5505bcd4346671574e3143220e1a526c701e35a4c8489bc7bb980774d38a9b946a8ad725093cd7703086e5e3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    4406b5134305ebe6d8c1a13c6bfa6378

    SHA1

    01078a7b6856b7361b62e526dbcf2038b08124c0

    SHA256

    22637d5684977ab5b8c0bc01e3e61203b9c80931d08fb12e77a4b5ee39dbcaf0

    SHA512

    349f82c8696b5dffadb6834e5f3b65dc59a2788b8ad847acb9c4212bfaf2aad705d2a43fe1c944479a97542b51c2a13ac7f035ff52457defa705fe3db8f92a79

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    11cb17085d9309a6d75571bf84a3d4c9

    SHA1

    ee7bb368c1b4516774c26193aa72cf2726ed4870

    SHA256

    814caba216494dbb019c1fdd430dd4c1311fde6f76c90c700ac4728aa95be844

    SHA512

    f0abf42f3f577caa84f9eda9503b7db4999a218923f8e5d13838fcdfe664567e2845532c4f0336463ff1cb601bb042bdeb6c93e0a1dc37f20649e1120a34f5ad

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a8af14a7e07871c0999ef6b5ff440d7b

    SHA1

    0e5ec8caf2443c446d1bf69ed25706cb6d60be0e

    SHA256

    993fa5ffa72b9c6df05cce84a4e926556c620365678052b3698537e5221e8880

    SHA512

    d185a83c5790f0356bc5815b0b917a4a70b5e1fc28c77eb0474e050e4e093eb300e0d11757cc489e585422ead5039a54b61c4bb6a553eca85bca6e7ecfbe6ad1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    36f25b4e54596fc4365ff995364bdb35

    SHA1

    f233c68cf800f8332c0891214f13cb5e07c252e3

    SHA256

    cc1a9b0e85f7fd423c4d337ef7e094fd183d0629b57581b6cdfa2d42a41722ab

    SHA512

    ba0f4c657fb3175f0dda4e2644d7102128fe8e6e96b500dc28467d6cc0bf4e622b6f6ff1a6de34ad375e625e59d29f9ebe5d8a926a0c84997a31f73dfaa413ee

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabC63.tmp
    Filesize

    61KB

    MD5

    f3441b8572aae8801c04f3060b550443

    SHA1

    4ef0a35436125d6821831ef36c28ffaf196cda15

    SHA256

    6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

    SHA512

    5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar22D2.tmp
    Filesize

    163KB

    MD5

    9441737383d21192400eca82fda910ec

    SHA1

    725e0d606a4fc9ba44aa8ffde65bed15e65367e4

    SHA256

    bc3a6e84e41faeb57e7c21aa3b60c2a64777107009727c5b7c0ed8fe658909e5

    SHA512

    7608dd653a66cd364392a78d4711b48d1707768d36996e4d38871c6843b5714e1d7da4b4cc6db969e6000cfa182bcb74216ef6823d1063f036fc5c3413fb8dcf

    Download Submit