Overview

overview

4

Static

static

4

BINDInstall.exe

windows7-x64

1

BINDInstall.exe

windows10-2004-x64

1

Bv9ARM.ch01.html

windows7-x64

1

Bv9ARM.ch01.html

windows10-2004-x64

1

Bv9ARM.ch02.html

windows7-x64

1

Bv9ARM.ch02.html

windows10-2004-x64

1

Bv9ARM.ch03.html

windows7-x64

1

Bv9ARM.ch03.html

windows10-2004-x64

1

Bv9ARM.ch04.html

windows7-x64

1

Bv9ARM.ch04.html

windows10-2004-x64

1

Bv9ARM.ch05.html

windows7-x64

1

Bv9ARM.ch05.html

windows10-2004-x64

1

Bv9ARM.ch06.html

windows7-x64

1

Bv9ARM.ch06.html

windows10-2004-x64

1

Bv9ARM.ch07.html

windows7-x64

1

Bv9ARM.ch07.html

windows10-2004-x64

1

Bv9ARM.ch08.html

windows7-x64

1

Bv9ARM.ch08.html

windows10-2004-x64

1

Bv9ARM.ch09.html

windows7-x64

1

Bv9ARM.ch09.html

windows10-2004-x64

1

Bv9ARM.ch10.html

windows7-x64

1

Bv9ARM.ch10.html

windows10-2004-x64

1

Bv9ARM.html

windows7-x64

1

Bv9ARM.html

windows10-2004-x64

1

Bv9ARM.pdf

windows7-x64

1

Bv9ARM.pdf

windows10-2004-x64

1

HISTORY.vbs

windows7-x64

1

HISTORY.vbs

windows10-2004-x64

1

arpaname.exe

windows7-x64

arpaname.exe

windows10-2004-x64

1

bindevt.dll

windows7-x64

1

bindevt.dll

windows10-2004-x64

1

Analysis

  • max time kernel
    274s
  • max time network
    319s
  • platform
    windows7_x64
  • resource
    win7-20231023-en
  • resource tags

    arch:x64arch:x86image:win7-20231023-enlocale:en-usos:windows7-x64system
  • submitted
    07/11/2023, 13:59

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Bv9ARM.ch05.html

  • Size

    6KB

  • MD5

    b9e052e266d8df39f0779309b61bf6b9

  • SHA1

    fc9102b1cefd8523ce8bea62816be1a1a2e6f016

  • SHA256

    8980eacba1059a74219f03e1ca9ed1ef8f7ee9f12d01205c16a49598ef5b174a

  • SHA512

    d4ec404184647ca28c520189a198f7d395ce524eb50e4ea9c3c5c38b473a6b95793b6775808c6ac9252a98c8128828f75b4ea05b23a3dfcdadd266d6cd8b0086

  • SSDEEP

    192:ZyvOHU4cNSpnfiAXSkKZHlyK6Qar08+jg4gY0:ZyvO0vYkk4H8Qi4C

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\Bv9ARM.ch05.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2772
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2772 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2724

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1a4cae3d0994c4fd21bec3727991403a

    SHA1

    2a069a6bd25a75ddd63bf0e48c12f502a63c0be3

    SHA256

    36d751234e79ad40e4f5a10b767854ff94116ac9805bba8444766ab2cbb2819f

    SHA512

    ff03ff8cf61357d398eb9c7a135b6f46576deff2ecd8f5d45becc64ba52267c51b0e53cefa06abdf239bbfdbeb2cfbd4cc37fdd0cfea408515773e65410d595b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    2d74ca368cd68203a7648fe10286b700

    SHA1

    05373abcccf33a9562f26bdc89df1bb18dec262c

    SHA256

    ee43d0f77a628e10ebc470eab11a51531e18f4300a4f9a923bda834962e0fd97

    SHA512

    58b9a9c7e889b1a781068c88a3fccfe7cdccda2dd7d4e57ce7fa19caaaf1473ea0d857169a88765c41bc9a0ed7214b7ef7bd82e94cc461a65fbd7543c009a135

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    dd9cfad9a8e220d814f1005cf6d96973

    SHA1

    d7e1dded00f904f6c5271d2ce58cad919619e4c7

    SHA256

    218bd5851f6995f8ea39122cb85dce5e6b015b45b234f501db2fda6516dc6440

    SHA512

    273555f883de0f97473de8f0ea87f2302b6b1ea9fa43e56e81c0363439b6fff70e3f3349789e2b285130885ddde9c8a92dd6f2a0227b7d552580ef9f380554b7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    93c6b7955a7c2291194c4d0116aefd72

    SHA1

    61ffc8198077910737383e6b99dbdb4ebdbdefab

    SHA256

    d75926042b933bbf913dfabf8b73db439e0e6111ff856f2f0e6884510e7cbf38

    SHA512

    053fbe62026c98102a65c695d661a5cdf4bc0863d3df34b5060f822fc4cb225cf611d8e51f71e25ddc00121306c048f3df59597fb5ca0093a992490716eddbfe

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    959053018276698d0313e751e7a66d24

    SHA1

    e3642385f311a2b6ca7e2925ea6082c0bcd23f56

    SHA256

    829ad16a762a76f37368ea763fa7a229fb5c0930336749c69a588105288a8dc8

    SHA512

    b918aa279a04807575bb29969f497859d24b350b02548fad0125647e71d9c3a0d650b52f67d5b6c7b2877561bb76f60e65b766161a8de7a4987ebaff9cd0c5f2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    20326f3eb821589e702b51c99a0ca066

    SHA1

    ef9e258867171a6d73f0f1e2273067cbd3ae6213

    SHA256

    7dc8f9931534e585496bef4f5fd03ccb478d29ac2954c70fec745666b64ffc6c

    SHA512

    cc94c566884d944171bc31d37352859c367ca2b98295bdb710cfcec00ef726d1b568e0e2f9b13a871472d26bc0e44f37c411fe4b942ada53396236563778f20c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    0da4ba3f38b03430c236f2314fedbc11

    SHA1

    f049bc6f44c9db90012023eae5966aaa68e6a868

    SHA256

    a0c394d6b1f860c39fd79da04818b6e292d652127e87dff8dfc465b256fc6a2f

    SHA512

    ed8f55a56a6ccb3743259fb64d7ad186f69d2e2862ab8b6e1203f168e28bcdf57cff3e2c83c55936805533298fd5d22689ca56d2f9c02549f39713da0242bf33

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    61af796fbaa403c6c344358a93395e76

    SHA1

    969b6056d0b08e78c3b097b8f58bcaf1c39f8c5f

    SHA256

    9e615153ff411db71777f78031d4cbc10799c2ede5eb7dc0d0a0512bdc0a8084

    SHA512

    0ad186120291c16372d7971ff1304436ad2ec723030a911a2d49c18753f1089b9a47ba724ef40d39f89e2bc37c0fe59335669252f372b1c0368674e4ab303568

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f7091fc74ff76481cc2fec411949b82a

    SHA1

    ac79e58d1546c4294552e66b067a1ff1178e0ee8

    SHA256

    1ee688c975f816fd4cebc0715d184e5e5f44ded18bf3d43192a227814e2ad1d9

    SHA512

    b922e5cfda3b55db909a4311ca1a36080feac1737d71c7eb3c9d0e2d518bcd98eeef58f4c332320d72d1178fb244279eb7538f6bb88df4d12d1d83fe8a633859

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b5f3c66b379b39fe0c306c0e43a8d2af

    SHA1

    29f2fbbd82f8a74771f956c2a083acb3eb37b177

    SHA256

    401760af79a5fd2da6161ec770a0b381aabfe4cc8f30fb8321051d1220d75268

    SHA512

    54d5402e2ff4ebca4c855b1825dcc01e9ac9b6a85bd7862d9f6e98d9058f6f617a19be11aedd80cd26464dfe95b1181275ad984d02d5776e38a8c585e2e56fde

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    fe8a33fe1b2bdba2cdd646ff08eb4512

    SHA1

    c503a280c5be7c9b4fc33685e3cc120b0c0976b7

    SHA256

    08d53f479a2bfd0b21392ab859eb99c070758c91a5c872744c9b78e67ddd2ddc

    SHA512

    33df40d2a4f87bdfb92b4eb505efdddd5d0731b8a75e780d87eb28692b63979707ef586af792860f41957f47f37cc183822b597814c129f6e1410364bd2dcf47

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab2D5A.tmp
    Filesize

    61KB

    MD5

    f3441b8572aae8801c04f3060b550443

    SHA1

    4ef0a35436125d6821831ef36c28ffaf196cda15

    SHA256

    6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

    SHA512

    5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar321E.tmp
    Filesize

    163KB

    MD5

    9441737383d21192400eca82fda910ec

    SHA1

    725e0d606a4fc9ba44aa8ffde65bed15e65367e4

    SHA256

    bc3a6e84e41faeb57e7c21aa3b60c2a64777107009727c5b7c0ed8fe658909e5

    SHA512

    7608dd653a66cd364392a78d4711b48d1707768d36996e4d38871c6843b5714e1d7da4b4cc6db969e6000cfa182bcb74216ef6823d1063f036fc5c3413fb8dcf

    Download Submit