Overview

overview

4

Static

static

4

BINDInstall.exe

windows7-x64

1

BINDInstall.exe

windows10-2004-x64

1

Bv9ARM.ch01.html

windows7-x64

1

Bv9ARM.ch01.html

windows10-2004-x64

1

Bv9ARM.ch02.html

windows7-x64

1

Bv9ARM.ch02.html

windows10-2004-x64

1

Bv9ARM.ch03.html

windows7-x64

1

Bv9ARM.ch03.html

windows10-2004-x64

1

Bv9ARM.ch04.html

windows7-x64

1

Bv9ARM.ch04.html

windows10-2004-x64

1

Bv9ARM.ch05.html

windows7-x64

1

Bv9ARM.ch05.html

windows10-2004-x64

1

Bv9ARM.ch06.html

windows7-x64

1

Bv9ARM.ch06.html

windows10-2004-x64

1

Bv9ARM.ch07.html

windows7-x64

1

Bv9ARM.ch07.html

windows10-2004-x64

1

Bv9ARM.ch08.html

windows7-x64

1

Bv9ARM.ch08.html

windows10-2004-x64

1

Bv9ARM.ch09.html

windows7-x64

1

Bv9ARM.ch09.html

windows10-2004-x64

1

Bv9ARM.ch10.html

windows7-x64

1

Bv9ARM.ch10.html

windows10-2004-x64

1

Bv9ARM.html

windows7-x64

1

Bv9ARM.html

windows10-2004-x64

1

Bv9ARM.pdf

windows7-x64

1

Bv9ARM.pdf

windows10-2004-x64

1

HISTORY.vbs

windows7-x64

1

HISTORY.vbs

windows10-2004-x64

1

arpaname.exe

windows7-x64

arpaname.exe

windows10-2004-x64

1

bindevt.dll

windows7-x64

1

bindevt.dll

windows10-2004-x64

1

Analysis

  • max time kernel
    134s
  • max time network
    135s
  • platform
    windows7_x64
  • resource
    win7-20231020-en
  • resource tags

    arch:x64arch:x86image:win7-20231020-enlocale:en-usos:windows7-x64system
  • submitted
    07-11-2023 13:59

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Bv9ARM.ch06.html

  • Size

    530KB

  • MD5

    65425ab8ea50ccb9dcbb226f1c72758e

  • SHA1

    87270d8ca35c433ddf3734bbbe95258afaff1544

  • SHA256

    6946982e693572cdffcfcc661b1e5a59592529b0cb871e94f0bbf99f312ee76c

  • SHA512

    5660aee6d5b64b43160184b9431670b2839624e1d1b85c067ff98a8233a5458a746470fdb0b0afb12c78779bef6f8b962241b3e08bb80404bdca78ae37d2ef80

  • SSDEEP

    3072:Z0Oz9I3iaHEEhAkHp/1ZMAfq9qeSz1VmN/5SfAdVpYVp4tVGCXt5RPzj52:Z0I+HEDkHlvW5SaVGM5RP52

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\Bv9ARM.ch06.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2836
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2836 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2676

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    97e38c24b7b13754442ba5fe73ad80a3

    SHA1

    5053109857799b7fb5414b192ff3a3c045055e90

    SHA256

    a86c00469095b20a0558041ee7930a58d83f547912ec225213dfb17a0918e2e4

    SHA512

    f00708757c50961ad0ffa0b813ae42ada814a3e4867f5995a358b660564decc85f356cae01ed1fe217eb94082a2c2127ca9ae64ae3b63699911acd2f375b3068

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    3ad95d72c39bd641e4096721be548993

    SHA1

    c2478afad9915ce61ab7f59372a5b476d0a87e8c

    SHA256

    6ff6060682270e21dc0e5586ba9e0e927b4036668f038f9cc1e8595860863f18

    SHA512

    d2a44160c804a6767997499a78ec151a6141f09b58eda102596ce1a99f50777b826e9d7c0ea2008a1ede2afa44e463d12147714a4c278a508634e41f1722330f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    62c7942def01164704871c37559b7cd9

    SHA1

    4309125ad4f0d42c96e3999dd020ca8eb8134dee

    SHA256

    84de6ef13436f8b99dbfe70df976f23ef08cf3c85b4e80021ae3b5285c5eab27

    SHA512

    d13ea8832f774aaf1e79a6a137ce304d1cec12af6bfff7a478148f36028e398f635762ac56615ff1b91b110a0c2b693f6493966f113d296c37a4ffac8916568b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c2f4f5281b592143a3974771767f1ca9

    SHA1

    81cbe247f1a28f95d16409e8aa0a1c12e2880b1f

    SHA256

    0c55cd9f3f7e8652615237d7ef525311ca9d2f4f3b84b9630a758b76d29b675c

    SHA512

    87cbb7b8a90467e40dada9f33cba7431c6b2c5e302db6887585f40e03de5310f098f668eec78564553f9e6ed58627bbb462c58d1eee42135709adb84973e5510

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    add9b46b95875bcc413d631768d69920

    SHA1

    fcfdba7cc3f0ac3b816f67ad91f4b90cc2a8f193

    SHA256

    f307286bb094bf8ee42ac09235d82d05f91aba51661db6d113244b4ac249eaac

    SHA512

    1a0b06f82309a672309c1d22b3926d29bf9ca44fc848af0546f05f5f588c9a6115e641dd4b172d96f108a9cfc1ce0207ea066830dd58ddfa3138fd2b66590fd7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    9a33a72475511b3f8e00007f2c712d5e

    SHA1

    05b5a1b93ac5d458a63c3cca92141a7c6bcba0cf

    SHA256

    94976d8384174f8aa9a6263bbe39b68446fc58d7e6399c286ae0c95bfef82cee

    SHA512

    06d44cef93a4aa0863aee87234370e673a7ac7e3f1b8ff7ed76dc9ee5af2cfb506face69d119c16e06c920b270ac47366bf08d3871f9ef19e22ba299754e3494

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    39a4a15233f34f2a7ff091e953f7bb8c

    SHA1

    304412bb43de1afb563e13cf505620125129df2f

    SHA256

    02132bbcca0250fd7171127a40cd3391457b046ddf43c812852651079ed3dff8

    SHA512

    35a72d54d908ce0c2ed6bd1496b221f36640c40a8d198a80e1b4235f17f39710220be2ed1f9bce651cade8eb766210498828388eda8ee316ee04139c4352b750

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1da24caf1eed5a737391ea6584e571d5

    SHA1

    ca1c6a48ef0cf3cc7088d8205e4518eebb2a658b

    SHA256

    239745514b44fed10b16f9e461d26c6ee537d1c73bc4fa127af432f449a059d0

    SHA512

    9283d64020920af85928103d84c40b945df51d2a8c6b25bebd72845d334369c91b784a0cda4724d05ab8ae572af775f339481445b217b056ba0dc5b2629d3b12

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c2532a2cd660e8ccc1472e68abeb0399

    SHA1

    98409871835bf5d2c112c1cea971fd18fdc9b1d4

    SHA256

    8aabf70b012c8d0cb2639a09e640c968b1c70de2ef04d72ff6b4900462d28469

    SHA512

    63402f2844084c543ce399aa8a2d891ac608d1966c6155987fef193630219bb0b05f1fdab10fc96abc5059e0d5284f1c29035cf14ea247785cd44056b8731780

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    cdc7ba17468313f5c3a3e42510e1ccd9

    SHA1

    5ae54e5371dbff34b6817e72360adf7d6c0a6f7d

    SHA256

    433a25a8cd8cada91f1ebece64d8ea3166742a0d7d451c6362e9e4157049d8b1

    SHA512

    a0511b390168a1d9e566f41e482597b8baef2fa0cd8437bc070097adfeb5235fc371d0950ba33397838c92ba869925b54008ca292716f383ed2467864d55e04e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a80d2dc24a6f298298a53d76f02cf69f

    SHA1

    2bd8ac0b5490bc422de4da596252533f10bef929

    SHA256

    0d37d69db1efddc14cedca060d29544d513cb311b1ac5e28a3b14042ac62b1b6

    SHA512

    b236d13bdaaa03049f18accade856b8d74858ccfe314a54fd968bab3e61977dcb5bf012f777fddd72dafec908b64b7dd8d5ce2d8ea66d779721a754e0e677320

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab6568.tmp
    Filesize

    61KB

    MD5

    f3441b8572aae8801c04f3060b550443

    SHA1

    4ef0a35436125d6821831ef36c28ffaf196cda15

    SHA256

    6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

    SHA512

    5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar65EA.tmp
    Filesize

    163KB

    MD5

    9441737383d21192400eca82fda910ec

    SHA1

    725e0d606a4fc9ba44aa8ffde65bed15e65367e4

    SHA256

    bc3a6e84e41faeb57e7c21aa3b60c2a64777107009727c5b7c0ed8fe658909e5

    SHA512

    7608dd653a66cd364392a78d4711b48d1707768d36996e4d38871c6843b5714e1d7da4b4cc6db969e6000cfa182bcb74216ef6823d1063f036fc5c3413fb8dcf

    Download Submit