Overview

overview

4

Static

static

4

BINDInstall.exe

windows7-x64

1

BINDInstall.exe

windows10-2004-x64

1

Bv9ARM.ch01.html

windows7-x64

1

Bv9ARM.ch01.html

windows10-2004-x64

1

Bv9ARM.ch02.html

windows7-x64

1

Bv9ARM.ch02.html

windows10-2004-x64

1

Bv9ARM.ch03.html

windows7-x64

1

Bv9ARM.ch03.html

windows10-2004-x64

1

Bv9ARM.ch04.html

windows7-x64

1

Bv9ARM.ch04.html

windows10-2004-x64

1

Bv9ARM.ch05.html

windows7-x64

1

Bv9ARM.ch05.html

windows10-2004-x64

1

Bv9ARM.ch06.html

windows7-x64

1

Bv9ARM.ch06.html

windows10-2004-x64

1

Bv9ARM.ch07.html

windows7-x64

1

Bv9ARM.ch07.html

windows10-2004-x64

1

Bv9ARM.ch08.html

windows7-x64

1

Bv9ARM.ch08.html

windows10-2004-x64

1

Bv9ARM.ch09.html

windows7-x64

1

Bv9ARM.ch09.html

windows10-2004-x64

1

Bv9ARM.ch10.html

windows7-x64

1

Bv9ARM.ch10.html

windows10-2004-x64

1

Bv9ARM.html

windows7-x64

1

Bv9ARM.html

windows10-2004-x64

1

Bv9ARM.pdf

windows7-x64

1

Bv9ARM.pdf

windows10-2004-x64

1

CHANGES.vbs

windows7-x64

1

CHANGES.vbs

windows10-2004-x64

1

README.vbs

windows7-x64

1

README.vbs

windows10-2004-x64

1

bindevt.dll

windows7-x64

1

bindevt.dll

windows10-2004-x64

1

Analysis

  • max time kernel
    164s
  • max time network
    165s
  • platform
    windows7_x64
  • resource
    win7-20231025-en
  • resource tags

    arch:x64arch:x86image:win7-20231025-enlocale:en-usos:windows7-x64system
  • submitted
    07/11/2023, 14:07

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Bv9ARM.ch09.html

  • Size

    48KB

  • MD5

    d61b1ef443070edcfe4345a894bccfea

  • SHA1

    f5e8ef62534ebcda29a8ec55c7daf06fcc0bca9d

  • SHA256

    91e3e2bcc35a000c16bc54c46a714cd3be466b7941446bdd7d46dc75834371e9

  • SHA512

    4f1c33b76af195bc45ea43d2ec7c14c31b5e133672169a04b4f77848a62d63f4ec1944b8c078395f47ac8fb7e7ccf37bd49171522fa6d9fab6d0422c5020e52a

  • SSDEEP

    384:ZyvOPaYtMKx4U3iK1siN8I35lKDiQjkFRJa8VflHpCQWrrEobjWZ+B3C0+BvPZKR:Z0O+/UH6I3mD2JaQWkvZuCg

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\Bv9ARM.ch09.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2328
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2328 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2728

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    3fb0f7d6d5f8c1eb1afb49e4ae003e15

    SHA1

    20c3e066c563518e173ad22cbd3a50fa6054656f

    SHA256

    5cc52cc5326b4176ad2e6b91afbee8f718c6f8eebc5648f877e7bafbd9ce5092

    SHA512

    575ed0c9765c440d024fe60d8ebaec1c2e1086da20f268c88e44560c64b3ea4ecb2f98220b4b8cd4a0e9ec3fffc78c9be2058d2a61d082dacfcbe2a07b75dbca

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    46fcab98fd6c1ec14936d58305588aa8

    SHA1

    8dc1be51418c5c6afd82fe63e2921825c96e4f06

    SHA256

    81f12ce5fa42594d4dd909b2cd5829de626cebf9d42d5919e7ad9f30f0b34b6a

    SHA512

    d8acad1b76943e376b10cf7a9026e2dd3cbf50e0147f1d67ffbb9487b02428f24beccff72c5bc9b6f5813f5dea0635d30899a2df37e2a6ca89aa1be0196fd5ce

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    32320ddbdd8fa37d3a2aefd29e07ef45

    SHA1

    b62337a04867096836996e63a51dd85a9f920139

    SHA256

    8ee4fdfe0961e6153465339ed33d0a03df06b83b5a20461b9a2da1fc55e14353

    SHA512

    147941027a8ac9ad77982470d550544cf139d0c5c387b4d75d75c8dc7b3d19cc56643f47f61ce24160f46b1b1c1a5fa0a6e7b0c840a6dd37ea729bc925751a4a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a307cbcd74eaf721af526e39c4762e49

    SHA1

    4f405ebfb0d8930c8ad7f41c3ff027e24ffe54b9

    SHA256

    cde53c697c9661c7fed1d1058efb9927a33c2dc13f1e82a8bd621d02edbfb224

    SHA512

    290da69f7c2a046ba6f6e224fac3d6d0ce42e7b8505b05845bceb13a30e9280708df7440dfc2067c2004d32aac36e95daac54734700dafdadee474adf7280e9a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    2e5d05516380875ecf34c57cb94a5984

    SHA1

    6450da8d387f289d65bdea5f1269be41dc44c777

    SHA256

    c3d5d21a1d7116365dffaf60aba127ab8a9453137c46827b6a0aa17e2c347cd2

    SHA512

    8b16442d548aa98b12acc07b4258ba1f35ef4969837f82edc75d1c2d3ba069324bfdfa39e47be1a0a7aba3f369a9b58cda12e172efcd9adb45449092fb54bde2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    3456382791522e6ce593d0ff82f4ae62

    SHA1

    6249a2f6db52c4124e6223a782dc47025322e4c5

    SHA256

    c480d75667b8628bd015c2bf7a16af87780a4589e23db8392ab4e7393afd974d

    SHA512

    1d957ebdb36918eba8c142049dc9783fbce3856e74fcc05e7112bde3344efedf8e155882032c969dfec3c97974c2d5dc9fab08b9970b9d3833b6d9ecf11e0695

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    46a1a0d9d5bd73786e5b744a13a2e2eb

    SHA1

    0eb83de451e8056ca2c0c6c283b1e0c84793745e

    SHA256

    91e75c002bfbd18a0348fc9661bdad2c1194eaa28d8c96b05a1689b9e532b12c

    SHA512

    4a58bfc1f3045da65817390d30c86663017022301d0031007a668e371439742b43e2770d174bd8150ce55b99ae94870fe9028545ab8b09a870da58efbf6eaa04

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c244319480e97dee9970eeb0e5dda1b3

    SHA1

    d3dde3b0db6a2ec604a1240f5e54b0f9f77fc52f

    SHA256

    a89f5e0623e049d450af5781ab5c8ef238ee0dc49412e7f0827bbd8ccfee6d9e

    SHA512

    756b45cbf271504bcba2cb89f23ab8f45848cde98335bd651b313ff35de9cbebbf0eec907dbd0b1d082da0312ee08f3967e3e8b44fe39e6ffda2d5d795696479

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    6ad531682c1eee12ebd8db5a01c7815a

    SHA1

    dffe4809fa8383afa88adcb657ad3697122a634c

    SHA256

    c8382c186276c703e52597eddc4ad9ac186a0f5659cf8b622697592bbb08ef22

    SHA512

    9325926f66c5f48a3c52b8a6559d55dc3b3ae8adc76a061ff867f8ab1e8e1d3fe56507a50c7e94a6fa9d1602f18769c8131625338d3f9b78fc324b31c52745d4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    80bf2c02518c8228169831f9a7520a0d

    SHA1

    950963f6b21e7210d66ee8d9c6136dc82ee08d97

    SHA256

    0fa14a3ef144678c6dcafa8cebea05c8388e9ff37a0b51e13cda6b88a1d7fdb9

    SHA512

    3a43b7275a45d2478403cc0a4107b0669f51bd5588801eb7501ef34df417a1532571c0c421747be78a25261cc1357bbaf370951e8e5b8c88ccbc86b1f96e586b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    052c7e824df00a67444208357722c022

    SHA1

    ff15213fb78ffd198bca6d297c36775a9dbd573f

    SHA256

    9b77d46397d4225cec9bca34f2aa3f130b40dd4b4eef673bc39e76be4e672508

    SHA512

    a9950ef580fbb81fccf73aaf3845b8f3763657afa85906663357cbc0dd5b35380883bd9596a84de9369cfd4e3a429f87e7313e44cf20bc9dc6140bfd2c58cf82

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabE8AD.tmp
    Filesize

    61KB

    MD5

    f3441b8572aae8801c04f3060b550443

    SHA1

    4ef0a35436125d6821831ef36c28ffaf196cda15

    SHA256

    6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

    SHA512

    5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarFAF8.tmp
    Filesize

    163KB

    MD5

    9441737383d21192400eca82fda910ec

    SHA1

    725e0d606a4fc9ba44aa8ffde65bed15e65367e4

    SHA256

    bc3a6e84e41faeb57e7c21aa3b60c2a64777107009727c5b7c0ed8fe658909e5

    SHA512

    7608dd653a66cd364392a78d4711b48d1707768d36996e4d38871c6843b5714e1d7da4b4cc6db969e6000cfa182bcb74216ef6823d1063f036fc5c3413fb8dcf

    Download Submit