Overview

overview

4

Static

static

4

BINDInstall.exe

windows7-x64

1

BINDInstall.exe

windows10-2004-x64

1

Bv9ARM.ch01.html

windows7-x64

1

Bv9ARM.ch01.html

windows10-2004-x64

1

Bv9ARM.ch02.html

windows7-x64

1

Bv9ARM.ch02.html

windows10-2004-x64

1

Bv9ARM.ch03.html

windows7-x64

1

Bv9ARM.ch03.html

windows10-2004-x64

1

Bv9ARM.ch04.html

windows7-x64

1

Bv9ARM.ch04.html

windows10-2004-x64

1

Bv9ARM.ch05.html

windows7-x64

1

Bv9ARM.ch05.html

windows10-2004-x64

1

Bv9ARM.ch06.html

windows7-x64

1

Bv9ARM.ch06.html

windows10-2004-x64

1

Bv9ARM.ch07.html

windows7-x64

1

Bv9ARM.ch07.html

windows10-2004-x64

1

Bv9ARM.ch08.html

windows7-x64

1

Bv9ARM.ch08.html

windows10-2004-x64

1

Bv9ARM.ch09.html

windows7-x64

1

Bv9ARM.ch09.html

windows10-2004-x64

1

Bv9ARM.ch10.html

windows7-x64

1

Bv9ARM.ch10.html

windows10-2004-x64

1

Bv9ARM.html

windows7-x64

1

Bv9ARM.html

windows10-2004-x64

1

Bv9ARM.pdf

windows7-x64

1

Bv9ARM.pdf

windows10-2004-x64

1

CHANGES.ps1

windows7-x64

1

CHANGES.ps1

windows10-2004-x64

1

HISTORY.vbs

windows7-x64

1

HISTORY.vbs

windows10-2004-x64

1

arpaname.exe

windows7-x64

1

arpaname.exe

windows10-2004-x64

Analysis

  • max time kernel
    118s
  • max time network
    132s
  • platform
    windows7_x64
  • resource
    win7-20231020-en
  • resource tags

    arch:x64arch:x86image:win7-20231020-enlocale:en-usos:windows7-x64system
  • submitted
    07/11/2023, 14:05

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Bv9ARM.ch09.html

  • Size

    67KB

  • MD5

    d47490a7bc42e482b1a8872cf015ce56

  • SHA1

    73543ed509f050931dce9eb0473da4a5ba3fcd73

  • SHA256

    8d0845e4273568fd1a3b321badba249c303b9ba484dfdedbb89c285378188549

  • SHA512

    b81aba8acc23eb74cf348ae1c7c158580d9350f84ecfd28ffd9785bd0d62980f014cce89d35a6d871955381efd8c6e0b2b332325674391d310402dd4ef5accfb

  • SSDEEP

    1536:y0ODUaJU9r1PGW+WacqPKMsVSxMgRXkwZ:y0Xaqf/acqPKMsVSxMgttZ

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\Bv9ARM.ch09.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2516
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2516 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2432

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ffa07fb7ac82ec5f74482c093ca62e88

    SHA1

    93b9a8be2154059ecaeb52a8f4847c21a10b97cb

    SHA256

    9b3151efcd6a2a31ae0f96396351e1078e19b0ad10be3566c91a0ec8c8229757

    SHA512

    ab0dcacedfe2557bcafe2e23f2a31e3fe7465083b98f8a4319d8c681fa5f4b55b1994232577176fab4a80b4d779d78dba465ac94c7147fefbe5d10f2d3ed71eb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c255f6ebd7591c30061d88c7d95ec981

    SHA1

    ec8d10501adc8ef837db903d78a57d81ab1eb528

    SHA256

    8b8698e1b1ca03e8c8d1642fa2172e45f1e1d1ccb0fada5fc2307d05e2a31d95

    SHA512

    14381b986e35611f8bc4c1ff15d3c7c95e3510c302e26bf1a2e478be6631a74ca3847e1f7e5cf449636ffd1cf82dab3c5c324fff84e75a027057bb291fcc66e3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1fc5bc7e9a15a5002b0d1a3e55697ce5

    SHA1

    98ce600e0ef4563bf84b2803d5e4a4143290cfd6

    SHA256

    5c8623ac67194f10372dcffb1c8c4cc67b97e32676efc174e1a445c32af77906

    SHA512

    c6223e23d604ff91118caf96ad770ba76be5f23b7c9b54e9cf3e539d486cdaaa74586fa5f34a24d1e21b412775a2dd59642bde63f3bfc00df91b4131634d6e5a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    5a4e10204363e601724497b3f337715f

    SHA1

    65aaeddb18a0d979d4f87b8b89a82646f84982a1

    SHA256

    d2e61ef6b797bb2f9da8a11aec1555ff80fbc0a2d8d9db185b572f86710174b0

    SHA512

    7230031f7260cdd7e3cab212e37407820c358d962f5eaa0085f4d15efb1cf8ed9b0b38328c927addf2762ab7be3d7125e1a247b4a0e6f44e6345c6ce843c476b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    6eeb1247b6da627fddbe6d8a0b0038d0

    SHA1

    1a71b04a97ea56b0c25ce28c3d9a1f07407eaf87

    SHA256

    cce83dda27e2e7b07b8ff0cc43c58a72f5d8907e9e669543d715165e8be3906c

    SHA512

    2dca36cb520aa9caf63dbffc8ac6461884691e9d48e8b1fb080bbd61dd3ca800f7c2364546d9b37369d3ca249367af7ff62dd5c00ad441d391ffeb951ff32482

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d12e4a3adec1e1e22e8be90b92942256

    SHA1

    5235156da4790ca318ae0f9e2526bef0ee9d8cc8

    SHA256

    6a943ea63171cdba31d8e79a8fcaeb20154f1b85108cf8171f33ed647743c273

    SHA512

    4f7ac089ebba8ed5123789e89ae5d3d22dbe2b4d22e0284f7a9c69bc6648d4afa103b56f7a72e89d729578d8f93570e6f3a93d79c84cf50c0a11d123de38a1f8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e3ab900a9db0e7fe497f9bdacf4fe855

    SHA1

    a43de328a914d7746a350a4824376483bd157634

    SHA256

    2dc9c6696f5a6bae9b45609de9b6fa0076af7bce9e168da78a25aae6912c9612

    SHA512

    04b12427f6f66937083d76b5dc1d7c5478566a19b1515845043dea760bcec73b1b44bfa30da17a8bbe77004037ca90c91a1c7ac70e5c9eefa44c95c95a620e52

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    3d5c2aa7502ef25846ba152bd93eab22

    SHA1

    633b48551cae3a79a7c0d58f0feb94dac9a905b0

    SHA256

    523407332bd296ef0651d375f2991a06022ea9707953da9d5c5c2004f43ddd62

    SHA512

    18816da2028166197831d487d6f558d5f36401210914ac43c83fd3176875d45deb52db70d4ae29478f812f7daca3f65da484bec590dd153dfbe2663d3478d917

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    6ece573cef63a9359ce79fa3c2a1bda2

    SHA1

    14af63c50cb83d0e59a18164525a98c5cc3ce653

    SHA256

    9154ad3fb0765bc9589b51cff46d5ab581445c8260567e4d7b1c3e3396a97f03

    SHA512

    886aa8b1937e52b724187cf85562b20e5eb8974b8a7d7ca515aad28f2d62e6e48252a1d9e716685c0433da18c65ba3ac9b0bfb1d6a1c265c576c7458e4637055

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c98736759f4e5445586387deac51b284

    SHA1

    7357d9b70f2a4a4530d115b3c14071f6c9321190

    SHA256

    08d3b6088273e876cf188caf18b6020a1c114fc4255413e9c7c825ecea57a55f

    SHA512

    10b7b6156436a6341d273055e33625c90ac0a9bfb3f377251b25599c8f0d8896a7f7a7985d8d06bc5c14cdf80af98c3504bf6495f45569322588af073d11a58c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    7d77768e25168b1fe8326a827d8ac521

    SHA1

    e55268b0a7311dc3b0fed7b81a5bdc3ebd5658fd

    SHA256

    8aa8f1c3f4d5f9b855988d037ce4cba36b7ff1189f11cf632d05941ea535914c

    SHA512

    a1275cecd8b60e7b613a07f00f892fe589bd72575adbde3e05cabfdb3a7e5926ef6c9c4544cec6354a3d0eee57bad1eb8ed2750c4f55a8fa45f6f0fb16eeb53c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    5063e76608dedaaa50469f75772f7fc7

    SHA1

    95752bb3478b290433d6f9d42490bdfa6754ed6e

    SHA256

    0d128d7866ebdb6417c86999e9121156136ea4c686c5bd824c52f1ce10632b86

    SHA512

    747c625fa947c2dcec17466e14950ee8795aeb0898dbee617f2ced4653fc6d58e0d5530c2d82d8cffaaff88d96b6894d109f97ed0a8de2e250d1ef1708ed2377

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    3a9221a11670d34fd75cc2fad2caa462

    SHA1

    7879ade1977791716027681299b4eb60cbc10b77

    SHA256

    049e0c6c4cbfb89fb755bfe25849ddbafef107ef65434df3e55d886dc3216d68

    SHA512

    ae4129a3accfead6259c354da51aa16e141068a4e4808fe1cf9d6b920b6d54d498e4790a0f8d6ad2acfad0f4cbce0bd35201e2e17829559584e73df350bb698e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    cd31291be2405e92a6ac41474f44d463

    SHA1

    1c5d742bba30416fbb0151f0d008aca19a28a82f

    SHA256

    267cd44c24ac21357df84b89c5a773e1599c9de8b6dfc14a3f78f912a19e65c3

    SHA512

    90ff6d1ac9fdf8f7ff180b8cadcb0d1fdd9cabb9ce91d9eacf4d011aa40c7a2cd334490bddc3929bea19086d5f3260c06bac9b20985072e590f4938bb98a51e8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    de222a063ded56a7cf29c757cc1d385f

    SHA1

    f05427d0bf952176fc0375d62c2dd2639ba9a738

    SHA256

    e7cbe41af829b6de2eaef5a8e8cc178b545f361f960c384a31b6d4a186b3d79c

    SHA512

    6bd3126efc99ed582c7d1eec337b11dbfecc3e051edda8e2a62368d2f9063ba8bc3d8c3d6da0d91435412d2f70f9761071066a007ed65594fb221e0b0050e3c5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    70ed734da8a9b84fb5ba75dd2f722fa5

    SHA1

    3a508aafb09230fb82f80d3a4a569c661d61bf30

    SHA256

    e882c457585ff2387abdd8916245895326403a8804488c52d4934d4e24fe398a

    SHA512

    bc17299da8f08eb4469e1600c55d4d73a3a272bf26620dba7d092ed022803ef7dcf13de4418acfc278c058fd9ab1cd6d1356c8a8b1a0c4d03f06735fb5660328

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    306ff4eec13f1df4466ee8132214f4ad

    SHA1

    d49c7788309ba5d6d73f6aca5c0fa8bfcac07c51

    SHA256

    d0d6b2c70edb36d01e8e5cdeb1246a90fe94881fcb8e5b0b0455e9f48f3a694e

    SHA512

    6c3ba08f7b5ffbd73461beda731a1ac23bad314a02d46780ae18616733dc044c331634eef20858aa8871667d02d7f77d823509943bb5f53fb487103a4ca8c09b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    17aecde94873b7f6bee884fff07062e5

    SHA1

    2995f7c516afeed63f79b778714a86c769ef3efc

    SHA256

    8d1d87c190d2db7c072bc3e215cb02079ea6dd10179fffee0050cd39e2ccd1e7

    SHA512

    4611de79b5e9e7f2d109ab56342fcad67663bc3cf5703c3a840138ba1a8262a9cef801e059c2b140aec41111f6a9455181c1ddd5bc87fbbecd251327b72b4548

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e9ad23fe4451b19f348cfc7963360e11

    SHA1

    c3442f58d59a5d4e7d1847d120662acba028943e

    SHA256

    219c06b9df53249bcfb28f9bfba1c8e8a7e073109902a79d4f86ddaa8d1cf44a

    SHA512

    1116fc79cfe4093fc011cbce372d5ebe48c39559fa383d19b69f7abba42ee0cd27a1b1dbdd367a943a2b9039c166b6e1637e570180c3c9439ff59101ddf4baaa

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    573fd0920cfcaa198bbc140a0bf6a828

    SHA1

    5e395972d7679abf50cf3a1d0e9665de586b2176

    SHA256

    a87c84321badbc05a449535a63629ec5933ed8bed28474d859795f92bac3742c

    SHA512

    7531936d97f6bd96a96bc20b8cb20bf9f4239dd9bdb6a5a3e6bc621e15a01ddb354fd0b30a8aa5c825c38d6f594e20cc8faf45d5993ef3284ab48847a2fb364d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    0c86fd650b58d003b5dfd2b281ac9b32

    SHA1

    4670fb5878fae277031f4123957285c4a2ffdb6a

    SHA256

    c3a8e0a1753defb480e7bcea03781e26c21ddf4179a62ea3ed65ed447aad7060

    SHA512

    bcb5ca1844747c2faeceea0071bc35041fa8d67d4c87cac0dcd5d67868ad83837afecb4507b37e134d3ce8de1e5da18d6159538c3959404e1d1a1c0ddd90b192

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab7C72.tmp
    Filesize

    61KB

    MD5

    f3441b8572aae8801c04f3060b550443

    SHA1

    4ef0a35436125d6821831ef36c28ffaf196cda15

    SHA256

    6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

    SHA512

    5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar7E98.tmp
    Filesize

    163KB

    MD5

    9441737383d21192400eca82fda910ec

    SHA1

    725e0d606a4fc9ba44aa8ffde65bed15e65367e4

    SHA256

    bc3a6e84e41faeb57e7c21aa3b60c2a64777107009727c5b7c0ed8fe658909e5

    SHA512

    7608dd653a66cd364392a78d4711b48d1707768d36996e4d38871c6843b5714e1d7da4b4cc6db969e6000cfa182bcb74216ef6823d1063f036fc5c3413fb8dcf

    Download Submit