Overview

overview

4

Static

static

4

BINDInstall.exe

windows7-x64

1

BINDInstall.exe

windows10-2004-x64

1

Bv9ARM.ch01.html

windows7-x64

1

Bv9ARM.ch01.html

windows10-2004-x64

1

Bv9ARM.ch02.html

windows7-x64

1

Bv9ARM.ch02.html

windows10-2004-x64

1

Bv9ARM.ch03.html

windows7-x64

1

Bv9ARM.ch03.html

windows10-2004-x64

1

Bv9ARM.ch04.html

windows7-x64

1

Bv9ARM.ch04.html

windows10-2004-x64

1

Bv9ARM.ch05.html

windows7-x64

1

Bv9ARM.ch05.html

windows10-2004-x64

1

Bv9ARM.ch06.html

windows7-x64

1

Bv9ARM.ch06.html

windows10-2004-x64

1

Bv9ARM.ch07.html

windows7-x64

1

Bv9ARM.ch07.html

windows10-2004-x64

1

Bv9ARM.ch08.html

windows7-x64

1

Bv9ARM.ch08.html

windows10-2004-x64

1

Bv9ARM.ch09.html

windows7-x64

1

Bv9ARM.ch09.html

windows10-2004-x64

1

Bv9ARM.ch10.html

windows7-x64

1

Bv9ARM.ch10.html

windows10-2004-x64

1

Bv9ARM.html

windows7-x64

1

Bv9ARM.html

windows10-2004-x64

1

Bv9ARM.pdf

windows7-x64

1

Bv9ARM.pdf

windows10-2004-x64

1

CHANGES.vbs

windows7-x64

1

CHANGES.vbs

windows10-2004-x64

1

HISTORY.vbs

windows7-x64

1

HISTORY.vbs

windows10-2004-x64

1

arpaname.exe

windows7-x64

arpaname.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    134s
  • max time network
    134s
  • platform
    windows7_x64
  • resource
    win7-20231023-en
  • resource tags

    arch:x64arch:x86image:win7-20231023-enlocale:en-usos:windows7-x64system
  • submitted
    07/11/2023, 14:07

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Bv9ARM.ch06.html

  • Size

    482KB

  • MD5

    b98bc68144851b7ef92ff4f73b26135e

  • SHA1

    ba20bc1bedf5bb395d46cbe4403b259a9cf9e3a7

  • SHA256

    85882f47161fdbc361d517bd3d14d156341add79f0b60ec0f8ccc35365f6bf10

  • SHA512

    1467c8d5632d6ec4db24fcedd335e6189825504329597bcc527e7e77deef776f9ec0742fd70b370f8134783b94f28f1a32e039087fbc66b767c74129ce5f111d

  • SSDEEP

    3072:b0zREI3wJSEdwKh5xv6M3f49zFSvtCUrSUBuVfEVpThGVGCPt5RP3R5T:b0t+SE3h7EWSyhGVGY5RPrT

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\Bv9ARM.ch06.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1580
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1580 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2804

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    389bc976d3b8edc124996820a7e15083

    SHA1

    097419cfc6d5680a973998a23ee1fa6701a74c3e

    SHA256

    b2c053093881439b232b81e1249b77cd9dc4c405a3822dd3f17d97ea3a4701d4

    SHA512

    b9edb8ec81c9705ddbcf4d661cd1ebe424d85b66d80ddf7cc7cb74ef07aaec7cdedda0be2857fca13852b852a605128c719ccd6e978f8d6d27b8f984658f086c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    492dbedd198c1059f77b3cb61eaa2228

    SHA1

    a70fb0ebc070d1342c0a7d8be997bb63769c990c

    SHA256

    8ea46b28ce140cf847b60f1e6651f7240a2fcff405d5076350a4b8c8a118aaa1

    SHA512

    346320b57fdeccbcfe8e35e163865b0d707087e7baacbf7dbdc792677ba3dd0648b616c25118acde3e717bfb6ddaccf164b4d3fc9938f3ca07b4729fad14c249

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    178bf0ef5dea51dce879aa617ec76392

    SHA1

    1116f2dbcdd48a583dd977ee1646d8445a8c0c4b

    SHA256

    bcb2553f75c17bb476929752155546ff55f8760754b4718f528dddbe7b8e962b

    SHA512

    3fcc4bb3924c5f9806c4d82e135e93835bc00825ec51ba4987842ebfbdc97593aaa707041e640dca504767af0562dd1def3364323ada7f244d95d3b4deb820d5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d5565277e34d70f48ea8b5870b67764c

    SHA1

    a2c7316c60c3796d456c1f743fe70924f1b3879c

    SHA256

    d9e9191c9c0296a84a6a974887f73f3f790aa3e0920c323a322835d91e726c56

    SHA512

    d9a3df397b9353d5a9524b2c040d3f06ccb6cb2f92bfd2b432839c708df4bfe873459b33447f711bc594fb5cc8d20088dc0a6357e2c5412d3a93a65c6f2c59ea

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    330f0c0f9715aa111b22bdf365ebc82c

    SHA1

    faed6fd8d9c016841b289ffb523e8005882296ae

    SHA256

    88c091c35972dc3a729fcc59511121cc78f7eb97f6f59e0e508f723bbb1f8078

    SHA512

    c013d9fa42bc7c309fad2f3aaece7d3eddaa3850a62045e6e0b1d8c13fa22b88d797ac50cbb989e2aa08fa3f7ffde580b21594866630925b1837965d450debbf

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    cd481df1bcc362c2c8b3fe10cce18951

    SHA1

    27485c73e7368a986472f134eeee84492d06420f

    SHA256

    94e4f26b2627e52fa3fe0d20ee7002a5d8f97cf0b714fa12450d0600647b4b66

    SHA512

    bad691edab9b4afafca1fd39ddcaeb18d0c679ea8857dcdb3376808992aa55761e3fda8b76bcd980395ffdf59b23b099fe2767708763155e1cafabdc1a30a38b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    6f7dfc449391e532a41feda0dd48ac0e

    SHA1

    5279da2afbba67519ae18027a953ff9c22291842

    SHA256

    c28caab3974a4a3c91d0ff28bab5d9ee58c6d333ff64e0cad138005a8028ef5e

    SHA512

    6e8c9e87f68f928d0ee778a889b338166502dd763c42dbc8f8e0ecf487b4d34861129c5e45f625f160cc9d340e894684cc91f719d349d633e3358453b1a4ce25

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a8add061ba7918539a198e54ec49e36b

    SHA1

    c8b1c868f1144eff6174dfc50baeba1caccbd975

    SHA256

    573a4b46214fa38c3d3e6ac988d0cad639324d30181d0ee950cb6f2dc0c2509e

    SHA512

    0013e0dc5f4d3c73d1f4eabee7229b1520c9f8a5341fdebc38c1ff0a2df30dfb2292b15e2c5f7edc6c2b8068901708dd3e1f4c51db1c39dd6d5b9617b34fddb1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    11dd303e7f0a65437d0f88db40755290

    SHA1

    ba8376f7d913d25fc58a6b14739ab889fc5a9054

    SHA256

    c5032bfa9c9b80db3cc16aa18c4d6fdb911fdea788fd51c5738b59a4dad0f4eb

    SHA512

    e901a9283f7eeaa99db078b0c1e164c3adf0c9a41463ddf71180ce45ecc3f1a10d2d954718e026571dea0b2fa438778b396d0384c0bc8ab623985df487f7ef3a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    5523a3d5278b46e687dffe6a89404199

    SHA1

    995724f9f7b6e7466fa07c3c2359fdbf66d49617

    SHA256

    62f2aa606ed7ac6bd918169f0e80171ddf2d3d16c85c349052032c1ecafc6f24

    SHA512

    b408a43ee8c7bdfe2891776149b3ef70d98f38012e339ac09a08f4cabca7a10e2dce70b68d77fcfc585fdf12a317b5bfa34e791a081c923085bcfeeb45d79320

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    49cf2c6fe72053c4e84258f65da6f4e0

    SHA1

    a1671e573cd87a69f252f19a71e1390a2880be75

    SHA256

    5e0110e7a23e2a2120fe83d63e292b482fa5ab1ddac10a119d3b5c7a3b40c3f7

    SHA512

    3bb77cc336f622052fdd85af97dea82cb987bd9b8d0f49ed564e5c09119a8cb5a1c211f090701f9c09e7b50b6aa3efb3edce1c9f11862da344f25b704e6129ee

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ca236344be5a4afab2c161d7b2f6b8eb

    SHA1

    dbe75d0c06f70dc8e7a241ddbeb155946c4278b1

    SHA256

    baec17731807804d321b08e743305ffe3085934c88ce0e87d71f1cd7a9b0c446

    SHA512

    9ee44cb697e461cc7a34b858013d10388fcde0184a13f208d383e127afcb440e8a2394d5a9b0b335077be7ef10dcd202c2d8c76c05aaa448461d21025a2b9d64

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    74592d1f3f83eedf6cd248a74b0a7478

    SHA1

    e2b350b3f4b963c387301229d3fe4abd7b978f9b

    SHA256

    6daa3731e10c9f1ba8b0b5743a3149fec0fb8e098110a066cbe6d49e87daad51

    SHA512

    606f30cbc95a8aefb4f6ed75a6fc94ddeed5fc76224f2c46179f1130b05154799d7652fcb0086be6aecf3a03364f34be919eed4ce966cc87c2c22e8149547b78

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    8d5cff5b4235720b477ad68cf9fb753a

    SHA1

    1dda40bae1875bcb4f710e0c6c6003b7ccb73b51

    SHA256

    eed00081f9c704cc710082f690faa69a9e353bab4ae51eefe93f483b612835a7

    SHA512

    3a1161308d1f9c12ff44dcc12b4f696d83089adff14ac070240cb034ec9875984cfcf3727907ae7ac51f60265da956383c409f70ded39d4e1f2322680713afcf

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ebc20db467c886728d24cb2907a4b0c3

    SHA1

    b9afdb4499fea9dc056620392439b7abdc6991c7

    SHA256

    5af409ca7451dcda771fa43f646ceb01e8d38ee176b92db2405e97f8b1bfc26f

    SHA512

    0e81226f525e3dc9cebca54e1d2768a4ecd0bb588e55f62d3dba578bd8abc03986546dfefc7ab2b867432ce3d0f40533794b927373d3dab9bc0c9a35a57d1fb2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    4e15d8d08706aced709ee140d753b3a6

    SHA1

    e4454ff6c0a67a1b1fcda6c2e1e9aca98d97f6cc

    SHA256

    b2f4122a0bea39b9cc3cd1695d120f8670ba0fd8a0a954f2511050558d04b390

    SHA512

    6709d72fc5900009505cb8ba7df7ff1165fdb2498ecaa1d43f2802f2777beb006775a6d89af55c0ebf60e26d5bc3c55894d8751ea72e3a159ce51cee0dafc595

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    fdbf2aafd844ef823e1752ae58cd6e4d

    SHA1

    db99cfcc7f7a499d35724651f5e809a1bd45d4b9

    SHA256

    707abfb26e094936efb3bd9df8ddcbb3c8494a8e38c90d10310d0540d5815430

    SHA512

    2500516c5cc67af300cb42315aa50d12b8bd5261522416d1f006144061f03cb2572abe988c1b75248e30b678575f630b9e1d6c7a8088f925e35518e74b062e9c

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabB6E2.tmp
    Filesize

    61KB

    MD5

    f3441b8572aae8801c04f3060b550443

    SHA1

    4ef0a35436125d6821831ef36c28ffaf196cda15

    SHA256

    6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

    SHA512

    5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarB773.tmp
    Filesize

    163KB

    MD5

    9441737383d21192400eca82fda910ec

    SHA1

    725e0d606a4fc9ba44aa8ffde65bed15e65367e4

    SHA256

    bc3a6e84e41faeb57e7c21aa3b60c2a64777107009727c5b7c0ed8fe658909e5

    SHA512

    7608dd653a66cd364392a78d4711b48d1707768d36996e4d38871c6843b5714e1d7da4b4cc6db969e6000cfa182bcb74216ef6823d1063f036fc5c3413fb8dcf

    Download Submit