Overview

overview

4

Static

static

4

BINDInstall.exe

windows7-x64

1

BINDInstall.exe

windows10-2004-x64

1

Bv9ARM.ch01.html

windows7-x64

1

Bv9ARM.ch01.html

windows10-2004-x64

1

Bv9ARM.ch02.html

windows7-x64

1

Bv9ARM.ch02.html

windows10-2004-x64

1

Bv9ARM.ch03.html

windows7-x64

1

Bv9ARM.ch03.html

windows10-2004-x64

1

Bv9ARM.ch04.html

windows7-x64

1

Bv9ARM.ch04.html

windows10-2004-x64

1

Bv9ARM.ch05.html

windows7-x64

1

Bv9ARM.ch05.html

windows10-2004-x64

1

Bv9ARM.ch06.html

windows7-x64

1

Bv9ARM.ch06.html

windows10-2004-x64

1

Bv9ARM.ch07.html

windows7-x64

1

Bv9ARM.ch07.html

windows10-2004-x64

1

Bv9ARM.ch08.html

windows7-x64

1

Bv9ARM.ch08.html

windows10-2004-x64

1

Bv9ARM.ch09.html

windows7-x64

1

Bv9ARM.ch09.html

windows10-2004-x64

1

Bv9ARM.ch10.html

windows7-x64

1

Bv9ARM.ch10.html

windows10-2004-x64

1

Bv9ARM.html

windows7-x64

1

Bv9ARM.html

windows10-2004-x64

1

Bv9ARM.pdf

windows7-x64

1

Bv9ARM.pdf

windows10-2004-x64

1

HISTORY.vbs

windows7-x64

1

HISTORY.vbs

windows10-2004-x64

1

arpaname.exe

windows7-x64

arpaname.exe

windows10-2004-x64

1

bindevt.dll

windows7-x64

1

bindevt.dll

windows10-2004-x64

1

Analysis

  • max time kernel
    117s
  • max time network
    179s
  • platform
    windows7_x64
  • resource
    win7-20231025-en
  • resource tags

    arch:x64arch:x86image:win7-20231025-enlocale:en-usos:windows7-x64system
  • submitted
    07-11-2023 13:59

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Bv9ARM.ch03.html

  • Size

    52KB

  • MD5

    b206bb0876cacbdb4d0d447236ec03df

  • SHA1

    1be5953d49f2f9ea250a2167aaf4de3866f7a087

  • SHA256

    d6dea2814f1dcad9261d6d63a8cdd7864797a03b26c75a8bd17a042de4bfdf55

  • SHA512

    21f82a65d61d2b4c3e34a7380b01f3d312e837875cc1ab133746b542579104cc303b8432cefeedfce475b61459831860a5c3179598284f3580a1e8b610cf00ad

  • SSDEEP

    768:Z0O+3tOxtbdjxvijhf8Ge0ENAaK/gZu3WDRCw:Z0O+9Oxtbdjxqjhf8Ge0EI/gMM

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\Bv9ARM.ch03.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2368
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2368 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2520

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    cd67f15f2f51cede44ecfdbb0255edf4

    SHA1

    473289fa101b1c18678c0f0489cae8fa5b8a4eee

    SHA256

    0bd0f587cab197a2ade24c454efcfdd27c75d8b89d18c3ef8d683ca5b2c43569

    SHA512

    f7b01c463ed7c3b42b62b95d02b9f99d57caf9927edc485b3a3e59a8be0d5a9201ef71d720441538fb02d57718f86a1bc878fb7752dbeeef481da66e824c2a50

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d9e06e54e7d4609d1c8390001eae53d8

    SHA1

    a63ee9ad785bc870a4f0b1638bd45f3bf6650303

    SHA256

    1935c90fb47ae29d916a3ddfa768ce6b42f4021047555b5bdcbaec22814e7b6d

    SHA512

    791e2460848da11d174c8d2fa4a7d0623ebbb8300a50fa323c5aaed1762ec2ce460ce3ce0d5e3e2d6376264da7b1a2f6f0182fd95f3f903b946bb1cc4a6e8431

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    16c084b9c7524bc2381d6f84e7af2efc

    SHA1

    ccc959187d9995e5c2f322434a3ac6fb0bd80e23

    SHA256

    153aa15e1de275d1a3ae322589e0043b15d6806c68408fb9ade24748fae70080

    SHA512

    41300be1c18b23257e5be5cb12b5b617448c0e10b1bf39b134c8cc1c2e241966a044fc1211919bdc799a000c8c71fe6ddea6b5344b4d39bb06e19ec1476d1afc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    70e88ba3f65eb10e391bb054468e069e

    SHA1

    16cdb94585ae7d07fc752be2d184c3ef23f9f2d7

    SHA256

    6583448d72d9d3f267167b3b6b42e6727dd302745390203c4bb45c544853f06a

    SHA512

    87da0de3a5e3956a9e9af3993c0cdd29c17bab4a537a3bfbf82ed65bb52ae850fba77fba13081586270b3398e86f8deb4db2e3f13ce7a1763cc3fd2f78159cd8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c6b3394c0cb60b3c1fb8da14dfca483e

    SHA1

    fedc0d21afb93ed66f466b475a92623ff7ca5d66

    SHA256

    553218a413ae4f63976880f933e727bd012e4c48c50783a8769371422a0f66d9

    SHA512

    bb10db7527630d20767296569ae0fabe7d065cf2e28dbe09843251a6841b2e136c33956d595761d3fb9863e45799967b7d32bba48f5a319907d43b7277cbc578

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e59d3a9d2a38f4dfead00b3f75a02cea

    SHA1

    624fa1f2e2ffe12e3b8c4bbe1d596752db715611

    SHA256

    a0589160d79ce90e6ee2b6fbfaae085bfd70cc5e581329d8b92bc3c445d19629

    SHA512

    e03060f951e703bb3312425118398935ae662d56a260d9d885b778910494cbb54c1e88619b7acfdfb4fa959aebaa3131d825660af39ff037677ef961fdeed531

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f515dc3d2f0d994e51813340a06aa91b

    SHA1

    fe0b73a92546496831c9b7cb9809c3fa29faa609

    SHA256

    e566b51d2952a60de0e4fd01aa43f24294a1f9ecc9ebbb574cc4d82bd9528ecb

    SHA512

    431478886db8f4b9323c5615bfcfa1da9eb9e7163cad6608356bfd08644f4c166ebd74cdeef1bf3978dc71daa05b9539bf1bec382ce4409871106a107b33fbff

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f18aa6bc825ee6a1859e0a03ed42a2d4

    SHA1

    70158cbb371c7ab70c0b1a7938b85cafbafc8157

    SHA256

    e585ed0666187844b6625e4d214e09b73031c3ec61950601761d701ac299a110

    SHA512

    f26fb78b4e0e73f13cc75710d4a7b18aa0b07bdd3bb92e7ddc1b5851f6bb0602807c744759752741619a27eba9b0e622710cf6ea0518616c20812a4c7a554b27

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabF9FB.tmp
    Filesize

    61KB

    MD5

    f3441b8572aae8801c04f3060b550443

    SHA1

    4ef0a35436125d6821831ef36c28ffaf196cda15

    SHA256

    6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

    SHA512

    5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarFA5C.tmp
    Filesize

    163KB

    MD5

    9441737383d21192400eca82fda910ec

    SHA1

    725e0d606a4fc9ba44aa8ffde65bed15e65367e4

    SHA256

    bc3a6e84e41faeb57e7c21aa3b60c2a64777107009727c5b7c0ed8fe658909e5

    SHA512

    7608dd653a66cd364392a78d4711b48d1707768d36996e4d38871c6843b5714e1d7da4b4cc6db969e6000cfa182bcb74216ef6823d1063f036fc5c3413fb8dcf

    Download Submit