Overview

overview

4

Static

static

4

BINDInstall.exe

windows7-x64

1

BINDInstall.exe

windows10-2004-x64

1

Bv9ARM.ch01.html

windows7-x64

1

Bv9ARM.ch01.html

windows10-2004-x64

1

Bv9ARM.ch02.html

windows7-x64

1

Bv9ARM.ch02.html

windows10-2004-x64

1

Bv9ARM.ch03.html

windows7-x64

1

Bv9ARM.ch03.html

windows10-2004-x64

1

Bv9ARM.ch04.html

windows7-x64

1

Bv9ARM.ch04.html

windows10-2004-x64

1

Bv9ARM.ch05.html

windows7-x64

1

Bv9ARM.ch05.html

windows10-2004-x64

1

Bv9ARM.ch06.html

windows7-x64

1

Bv9ARM.ch06.html

windows10-2004-x64

1

Bv9ARM.ch07.html

windows7-x64

1

Bv9ARM.ch07.html

windows10-2004-x64

1

Bv9ARM.ch08.html

windows7-x64

1

Bv9ARM.ch08.html

windows10-2004-x64

1

Bv9ARM.ch09.html

windows7-x64

1

Bv9ARM.ch09.html

windows10-2004-x64

1

Bv9ARM.ch10.html

windows7-x64

1

Bv9ARM.ch10.html

windows10-2004-x64

1

Bv9ARM.html

windows7-x64

1

Bv9ARM.html

windows10-2004-x64

1

Bv9ARM.pdf

windows7-x64

1

Bv9ARM.pdf

windows10-2004-x64

1

HISTORY.vbs

windows7-x64

1

HISTORY.vbs

windows10-2004-x64

1

arpaname.exe

windows7-x64

arpaname.exe

windows10-2004-x64

1

bindevt.dll

windows7-x64

1

bindevt.dll

windows10-2004-x64

1

Analysis

  • max time kernel
    135s
  • max time network
    133s
  • platform
    windows7_x64
  • resource
    win7-20231023-en
  • resource tags

    arch:x64arch:x86image:win7-20231023-enlocale:en-usos:windows7-x64system
  • submitted
    07/11/2023, 13:59

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    Bv9ARM.ch09.html

  • Size

    67KB

  • MD5

    95068afdf2f3c7967cc7a24bd744ec90

  • SHA1

    5491b7c66262970479799c6015a79918d05d3cff

  • SHA256

    988775bff2f1a8d5da01162468cb0586154e9d73b9ea716d3bd37aeccba6152a

  • SHA512

    7aede0081838fdfd9ae2e408f975551bc8c426280ee84c1fe52c911a17e64f4e9ea8b684c980b2a7a885f9cd39758b3e214a7bbb52592bcf2e335caa904fcfa1

  • SSDEEP

    1536:Z0OEUVJXFjwP+W+WZcqSCMEgSxMgeXkWZ:Z04V8H/ZcqSCMEgSxMgSfZ

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\Bv9ARM.ch09.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2800
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2800 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2328

Network

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          dd20e8519813f789f7c48241ffc9725f

          SHA1

          04bbb6cef3f414ee4be3dadd4b45f9102b2c577e

          SHA256

          b6081819d12af6b5853777417e547f32da9aaaec64789e84673d6c73d3c05a38

          SHA512

          b5b15c715a8ec78cf35aa63e4d90175f541ef9738b2dc6378a051853af4c7d1976b9a99faa42a57309425eeb9bf32f7a86801495a360aa8f0dde656f1cc7cc20

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          e7b5f8f45cd27d5b00125d4fb2cd9d04

          SHA1

          4ab4dff72d87222c750584ac86b312b795016380

          SHA256

          1fd48cfc6e541e34e47bd2a0f91f5c45d6c7a7364312d55748bf206e066b5903

          SHA512

          eba645034c0a0f89ef97a539f16b4aa1ad3e6ab453d0fa1bdabb762dfe5f0130ffa63c8fbc257d321fe14cc2eb862e62437d6c1c22d1eeeac8af110454a5db12

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          5820d5aaaf087bd6c547ebfceb206146

          SHA1

          e3e7c21544e15535b207528372496cecd8b3bb3a

          SHA256

          39d65129eef48dbeb0ca17cfb9d3e0fbbabc13c5f20f353038419e044a48ae02

          SHA512

          6557288c1a2ac965341e9aff0e673743408a0e32ee44b9ffc7b3859678f410b3c54d641444a10b5d4a0aee93f04c998b99015f956a45cefba4701ec5a532f6bd

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          6713a05dd42fa83f9bc1f65e27997d8b

          SHA1

          349189c5adef2ca4d79c467b8810df1a95a2c9be

          SHA256

          dcb301965b95138ce1a42db76e51ee3c118395d03114af9d9888591c4b9212e5

          SHA512

          a61beeb38e86754cda53333a821f3e72735ed1a5f2f6be8694bc754fb4561d8ce8d096d1d90830f495e8e66ef467bf7aaaff999702b571a438396b26f4a7a917

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          877f23157f3ac2d34fb25568921f25e8

          SHA1

          817e123e6a140c78f45c999e9ab12c4e41f191e0

          SHA256

          9e3acf2a6b694e87e46f465a11b90f66d1cf01a61cc0c319c158519eb1aa6839

          SHA512

          9d8a404f7c6605cb82be67a200929b835eef0a89fc5652a3dbd9b67be8815080e16ff25bf1114719700c586cad66536d93f3c04a8e562674a2d71de66b23d8e9

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          b52c93bc40b12a497f2bff230f65b7f8

          SHA1

          f9ccfcd2845bef9f885a6775e10bc14f1f6aa3da

          SHA256

          565f3741bd8fc1e9be021340f74784bd0f47e77c96b195e8732eb4b114eb991c

          SHA512

          2ad4627855e06d4abf7ac3fabf76fc9aaa6c6d49d511f274351732fdd4103fa7ed94c61f7981332850c161fd879b44fc9cf65cc6abc911775d01953a3776b91b

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          a94c65f1e773b2054403ea82fdbe4146

          SHA1

          f406c7abb4e179883ab51c147435c05a1f77a9db

          SHA256

          ecd522dd1ab3fe4d2f652c9418eda18e91831ce9db2ce31522862699c71e0b3a

          SHA512

          60e7b078fa14a360cd18b735aec10ba20837b75a517e55a3bef4b67040d3a4237fa82efd7e4e80ff5035da79a43d269521a9bf1bb394b3b46a9f41d32c0ef7b9

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          ad41b15bd6e77cb70736a98e3acb6795

          SHA1

          95feb834130f7d094a32e093f6d6c795dc1a1dc1

          SHA256

          dfc0b774d4ef9b8e444f6432e4352bc86e1a9cb1d134db1e312a9e70b715c72d

          SHA512

          0745c64251e5c411d54524dbd53058cadf6c4504d4de88e68762ee5a335c311ae25bd6703bbf01afeda1dd948fa7fbdac15fd2fbdebd864e44713a667ec23a64

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          7beb13ab156596d82ba8d69d3ca137c6

          SHA1

          1b00d50bc083bfb36f985da3a3fb30683f6faa00

          SHA256

          8a0c25022ff6fb2e773dcd697e96ff45bbe186c13ecb771d6629a1e3f9945077

          SHA512

          365e591be56f8c53f1e411d658fbbcb63ed1a2da3a7abfc8851b9dac5eafc99eb1ce81aa47349bbcbaa2c3c1cc9287f066ad1f8ff916d5fe375e07367fdf254e

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          dbdf1da727fdbf7fc3c158a42d2feb95

          SHA1

          7b74862748629c2899122e9c171ac8e5585ac9ad

          SHA256

          cf0ef39804407d5299ded3e7e9291ac8721ee9dfca4e696601a716c73d5b4e7d

          SHA512

          a2c6979d209b2a172fe5814ed2cbae16eed56f623282cb5f7c40e86d222bff42a12c93ae367ae77eac602012e005df2ab8c274383b7291fe9cec06faa6e1850f

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          60bc22e356b1b744f862c2ac9c103e89

          SHA1

          b79d90d50b27532f5fa0b1dcd940760e6ce41f61

          SHA256

          4dd067f155754cb7301af879d98e506672a7957e5867568b12580118558b83f0

          SHA512

          d4d96fad28139f190e519b1086988550a278daff2969980beff3ec15dddc1f7b4f4e7bf99b8c5629efb54a4ed41de6c49bb8f567561968dd6ca3e881e3999787

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          9e545338a392873d17e01ac64ab09f2a

          SHA1

          ecf5860aa1ff69b0b47d34b748ed6b23a62eadb3

          SHA256

          42e709db24cc6f028dfbeef8622a80fd34ee17d2c26102da2d79e9fac16ea281

          SHA512

          f3129c756a0d97eb19ff8f1517e7ba0ff155aecee1621de5e4e0cf03b8c2de30bf0f68950bee0a69fc7a14f2a39d71b99a6c547d2af104da0b65aa062a89ed3c

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          495378fcf34e57385b1793b681908fa1

          SHA1

          7ed772464c83e94fc6022748c8d11a1401e80412

          SHA256

          4fd6015eecd71227265e812fe9d58ea5a8b08e9c1d1650901a99f228d64edff5

          SHA512

          1ec4840ad7ea320e05799d3d732c21eb3df25d8dc8af665fe0b47bdf3b1b8fa6e194b3d350f735a6a6714d12f5d26dc4656abc370468ec40af297ecc2d31a80b

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          244df4dca164e80715a21bc2b2f6b1c0

          SHA1

          d34b51489db0506d9f6b73cd487bbff74e4053fd

          SHA256

          796b161ecc9597d78e3ec53f2f3a0bb7e7aae9a7b61d1b1416b3d78487b5b273

          SHA512

          c18e09c98682dc5a7bd6396d5879e40208f679819b80b7ecd59af1f00c7567810b9ca2474a9aebbfcfc65872658173ffd7facb6518db870629415e034de79761

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          d0208c02b4195de878f0b7c937e0a37d

          SHA1

          becbccb668060f6307b5d380933f88e620bde7ec

          SHA256

          96b475a2dfc4d5269f536d79738ace9739a0c7a51c8edf034f00f8efb2e125b8

          SHA512

          cf49cddf74044f818a3205b4939ac74172e16312f40574215c0c66e9534a2b4378f8925a60c658d2228b41ed3ea4b48b5efe74b2c16855a9d63c517b8305c7a4

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          1654eefd51037c1686c227eebb0085cb

          SHA1

          ea4acf51564aee9e0c8a272fd97949bc0920518d

          SHA256

          bf9dbc00e3032ce4fd4474c3f35eed490c8dc921cebe8c03fc5ff797d863826f

          SHA512

          d3c6ffa2b6417cdbf39c8e9eb1d416542eec03e0643fe0a3b2e3030c53f8b9d4dca7f71b7f37c7ba4cf68fca2ce21586f2d704fcd5a6f4d8ea074a9a331c421c

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          7931e01293c8d7abe5f91702b328ae7e

          SHA1

          f5f37990ab3dd88b60e23cf1d0a37c65f1ac14ee

          SHA256

          ea6f921c4346ee9906da995dbc32546c55bcfb5f3d6fb93fcaa083a635fafb3a

          SHA512

          60bbac5564710249c09e973cba12992d00d4f4a5772037d8467c4d284a96f2b60ed8f448b36c069e07d73f5e9508cfd4b12c723071fa246976dd5fca10aea0c8

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\Cab9780.tmp
          Filesize

          61KB

          MD5

          f3441b8572aae8801c04f3060b550443

          SHA1

          4ef0a35436125d6821831ef36c28ffaf196cda15

          SHA256

          6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

          SHA512

          5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\Tar9801.tmp
          Filesize

          163KB

          MD5

          9441737383d21192400eca82fda910ec

          SHA1

          725e0d606a4fc9ba44aa8ffde65bed15e65367e4

          SHA256

          bc3a6e84e41faeb57e7c21aa3b60c2a64777107009727c5b7c0ed8fe658909e5

          SHA512

          7608dd653a66cd364392a78d4711b48d1707768d36996e4d38871c6843b5714e1d7da4b4cc6db969e6000cfa182bcb74216ef6823d1063f036fc5c3413fb8dcf

          Download Submit