Overview

overview

3

Static

static

3

BINDInstall.exe

windows7-x64

1

BINDInstall.exe

windows10-2004-x64

1

Bv9ARM.ch01.html

windows7-x64

1

Bv9ARM.ch01.html

windows10-2004-x64

1

Bv9ARM.ch02.html

windows7-x64

1

Bv9ARM.ch02.html

windows10-2004-x64

1

Bv9ARM.ch03.html

windows7-x64

1

Bv9ARM.ch03.html

windows10-2004-x64

1

Bv9ARM.ch04.html

windows7-x64

1

Bv9ARM.ch04.html

windows10-2004-x64

1

Bv9ARM.ch05.html

windows7-x64

1

Bv9ARM.ch05.html

windows10-2004-x64

1

Bv9ARM.ch06.html

windows7-x64

1

Bv9ARM.ch06.html

windows10-2004-x64

1

Bv9ARM.ch07.html

windows7-x64

1

Bv9ARM.ch07.html

windows10-2004-x64

1

Bv9ARM.ch08.html

windows7-x64

1

Bv9ARM.ch08.html

windows10-2004-x64

1

Bv9ARM.ch09.html

windows7-x64

1

Bv9ARM.ch09.html

windows10-2004-x64

1

Bv9ARM.ch10.html

windows7-x64

1

Bv9ARM.ch10.html

windows10-2004-x64

1

Bv9ARM.ch11.html

windows7-x64

1

Bv9ARM.ch11.html

windows10-2004-x64

1

Bv9ARM.ch12.html

windows7-x64

1

Bv9ARM.ch12.html

windows10-2004-x64

1

Bv9ARM.ch13.html

windows7-x64

1

Bv9ARM.ch13.html

windows10-2004-x64

1

Bv9ARM.html

windows7-x64

1

Bv9ARM.html

windows10-2004-x64

1

Bv9ARM.pdf

windows7-x64

1

Bv9ARM.pdf

windows10-2004-x64

1

Analysis

  • max time kernel
    173s
  • max time network
    207s
  • platform
    windows7_x64
  • resource
    win7-20231023-en
  • resource tags

    arch:x64arch:x86image:win7-20231023-enlocale:en-usos:windows7-x64system
  • submitted
    07/11/2023, 14:05

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Bv9ARM.html

  • Size

    27KB

  • MD5

    24bd238dffa1858f385a6d7d19ee7f72

  • SHA1

    0a578b692252d7e32f8cfdd15e67a3b30ca907a9

  • SHA256

    fb118bffb0636289be9068406ac581589e01a0145207948be0bdef320cda18f8

  • SHA512

    caf6e8e62024cc0f86c2cf93e64dcb0ac09cc440c6336dbf4077c25356d0de57d1c258d347977fa420fe9f6235220664c8ffca61b31f4eef36d761c7cae3cdb7

  • SSDEEP

    192:nyvOH6HpNSpAI+IGWG9jj/r+jDQYeElupe5EQ0CalfqL/HTVn6DNgANma1dy8DHe:nyvOaJYZ+IfGtV1ej0ztTy8DHa3D

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\Bv9ARM.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2920
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2920 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2584

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    606afbd39f2e3cd8322e967b38e46eb6

    SHA1

    ed8923d88bbede0b0c339d7d608fce0a22d6b635

    SHA256

    7a8fe1783c4c5e5f7714832f9081ff3f8376772b92c74574a1dab6eaf8ee2e5e

    SHA512

    42f2b77bb59efe9264a680d4d416cd6ff7a323c9199ab0b65397e02234616b0f41c9fa9f29860e3bdcdff5a8af9567f587a392f1476591be7ba919394466a8d1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f19868a257176c9e7babe6c2e66acf53

    SHA1

    5c8b3479842ed675668248ea374651b7175c88a0

    SHA256

    75905794aef0ade4f7ea9582d72fa13ee6c75725a85b54fff91f809a0a4ed1d9

    SHA512

    03c0e22f97896816b6ab12d7a5884e650ed25260fabbbc48bc9280f36a96ded019373ef955ec4340cfbbdae691cdff4c18e2231a3d3fc9f0b250e3dbb0eeda84

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a39f25962c55f7ad5c073905936fb11a

    SHA1

    a6f87f1aee1046106d11eb859d95fd6901cc0ef8

    SHA256

    31c5f9abc5413e5c443994d9d58419a04fcb7e856719063cdf41fe4b0781439d

    SHA512

    8fdb6633343c780a9a14e2f8d36cac869b95e3c51050e9a79fcefc949082edc66ec7cdaab520c8472e4a490ac5a55daa92c507a5ac1946c0aab95d73d5a5b01f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    6499002e2e0107ae90d4d41f313339ac

    SHA1

    12aeab9cfcaf849977506ac086f3c8c48a9e9508

    SHA256

    db6b77c4ddaa7d8bf15737fa527ababffb369da2a6e7df17c13da5024a0fb2db

    SHA512

    12331715155b44e4f5c71777d6ed5bcf7a3fc2896cdabaf74b12d6f3aa09dbcc4a5ca70c90f68d61e172ec4f67e91a4a70958e829d8e169161efefb2682c2628

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab51CB.tmp
    Filesize

    61KB

    MD5

    f3441b8572aae8801c04f3060b550443

    SHA1

    4ef0a35436125d6821831ef36c28ffaf196cda15

    SHA256

    6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

    SHA512

    5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar51FD.tmp
    Filesize

    163KB

    MD5

    9441737383d21192400eca82fda910ec

    SHA1

    725e0d606a4fc9ba44aa8ffde65bed15e65367e4

    SHA256

    bc3a6e84e41faeb57e7c21aa3b60c2a64777107009727c5b7c0ed8fe658909e5

    SHA512

    7608dd653a66cd364392a78d4711b48d1707768d36996e4d38871c6843b5714e1d7da4b4cc6db969e6000cfa182bcb74216ef6823d1063f036fc5c3413fb8dcf

    Download Submit