Overview

overview

4

Static

static

4

BINDInstall.exe

windows7-x64

1

BINDInstall.exe

windows10-2004-x64

1

Bv9ARM.ch01.html

windows7-x64

1

Bv9ARM.ch01.html

windows10-2004-x64

1

Bv9ARM.ch02.html

windows7-x64

1

Bv9ARM.ch02.html

windows10-2004-x64

1

Bv9ARM.ch03.html

windows7-x64

1

Bv9ARM.ch03.html

windows10-2004-x64

1

Bv9ARM.ch04.html

windows7-x64

1

Bv9ARM.ch04.html

windows10-2004-x64

1

Bv9ARM.ch05.html

windows7-x64

1

Bv9ARM.ch05.html

windows10-2004-x64

1

Bv9ARM.ch06.html

windows7-x64

1

Bv9ARM.ch06.html

windows10-2004-x64

1

Bv9ARM.ch07.html

windows7-x64

1

Bv9ARM.ch07.html

windows10-2004-x64

1

Bv9ARM.ch08.html

windows7-x64

1

Bv9ARM.ch08.html

windows10-2004-x64

1

Bv9ARM.ch09.html

windows7-x64

1

Bv9ARM.ch09.html

windows10-2004-x64

1

Bv9ARM.ch10.html

windows7-x64

1

Bv9ARM.ch10.html

windows10-2004-x64

1

Bv9ARM.html

windows7-x64

1

Bv9ARM.html

windows10-2004-x64

1

Bv9ARM.pdf

windows7-x64

1

Bv9ARM.pdf

windows10-2004-x64

1

README.vbs

windows7-x64

1

README.vbs

windows10-2004-x64

1

bindevt.dll

windows7-x64

1

bindevt.dll

windows10-2004-x64

1

dig.exe

windows7-x64

1

dig.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    121s
  • max time network
    179s
  • platform
    windows7_x64
  • resource
    win7-20231020-en
  • resource tags

    arch:x64arch:x86image:win7-20231020-enlocale:en-usos:windows7-x64system
  • submitted
    07/11/2023, 14:09

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Bv9ARM.ch06.html

  • Size

    411KB

  • MD5

    6e87188e52e736e3a811c336817b8952

  • SHA1

    510610bf7116da6678ce517c3f3b0ecbcc377fa1

  • SHA256

    4f93a29c33797c696d4159ab7f3d05006a182826f65b546f250cf10428fa0f0f

  • SHA512

    5f2d8ca0af5073d46f29cd1a1d7f86aa79d75662c355ee9c18d0a46e9038aa09ef6caa09062c593914f99aaae7ee8f7fcbaf75d27ba6606f79b872d97f455a19

  • SSDEEP

    3072:AQer53hT/1Fk2B+XM3H8VS7SaP0WSiy3eiVeBVGCni5RPTNy:Af/3kpgSwVGB5RPhy

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\Bv9ARM.ch06.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2820
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2820 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2212

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c2fa74d176fda824b4d2d9daf78fdee2

    SHA1

    cc7cb85432c06e59bd0888cb642d99e3aa14c79f

    SHA256

    4db182bab87696489f045651e50b88f8d0556f7d2a0509d05819b80da29109c9

    SHA512

    47cf98954d0ec50e997a81f3399ae7040ba0e90b004d4500457cc8e3dd1e271a0e74096bd75fb2a59a1cf605a0cd1cca9b31947248e89df65153edea070d06ea

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    0fc9f39a0ad68d78c97ffa7a2485c315

    SHA1

    a7a7a19e2081d177dbdfa438f5754bfe8b29f225

    SHA256

    79392658d3cbcafc691a62981783bff9011d1257930d2e7d9dce10732e272829

    SHA512

    f79d8b3c022d2760b9f33a31a1cb07bce78068ce13758ccc20f821d3925296c1140b2c28059f40891294f67b9a28625f0485ee97c873ff6a4dee279bb06ec6cf

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    190999107d2fabc904d8cd6d1fd3334a

    SHA1

    d371c3ccc61b16833e8d12e9c9a5446340fa1bc1

    SHA256

    0ad6b05cf7844365c548c57790ddbbd3885f2be7eea38833f61465b96174c060

    SHA512

    451b5b56c8a6637509dceccf4466b9c4665de1eb4af6705e52e2d8342677618d3af568152aabeff9111e63fd972adea09064c0f89ea8b63a494fe4c8231fa239

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    2889593df77484e7102163f30897b4bd

    SHA1

    b66f40a166b398e71f497626a40be557c179a903

    SHA256

    0be36c17da8a7c8261cb678d3c48dd1f05d3fac6721104a3745ebb4b5c4c4e93

    SHA512

    d7d4686391c3205d8f74534858276618430c7a2d719a0a0f735e10917966a4015d7c66a8ae7e4d53a49e31b9b4e1999b742f60b15d6ef5eb3efff3d502e5a117

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    71799d7ed03d1de88423bdd4404caada

    SHA1

    07645a70b157bfb955d277f3c255a6cc995844d3

    SHA256

    08593c9c245afdef38e005b7d1768e3e0be9452e93b89afe5e84cdee84ac34db

    SHA512

    6b96463a99a61f2980b08152299075e6245dfc0444ee11862c207296e62d2ff32e7f33c38062eebbaa3efa398da43087c5f183d5e60b38bcbe83eedaf8c8aab5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e054f8d6e69ce85b1be8f4c581c5b0b4

    SHA1

    7519bd2b7e6cb1f44006eadafb6b1ec08479f44f

    SHA256

    45b0e3467976d2f45af2aca2f4b08066f747609ee427867a0676486616c2af3a

    SHA512

    529167e6b8a1ccdae633585793b7607a1a8e563d09674d1676458b919582c7abee6cf66190057beefa04a5c8cfd996a7ef23fbfe9928cd55c32bdfcce55b932a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d96cdf0bcdc5bce1cc89358150a3c8fd

    SHA1

    1ac38f579b230dbe0b90978fb3311f65a743c192

    SHA256

    a3bd9f3528649be7238be03cbd1b47bb97b217e39ea196dd577ef53bd35c3de6

    SHA512

    c68c1c480d34c91b5f30bd8c71010648baa85a4e22c3b60b418443d06d43678d39d61855712e37e95dcafac62be909b7b2415634af927d1378caa6f6bb3d055e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    121efdaca477c65bbea28bc314cd08ba

    SHA1

    7955a458279740ffa244d9bee9bd7e275b30f918

    SHA256

    10e831ba55a0defe7be82b26479d47d76bbb71f1dc0d9a9de6e46709710ef419

    SHA512

    6044d7a68fc5670d65726b899559e4c2492cd82e33cf47952791757d276312173085f509110d1b110cc9d27bff4bef1a833500f7346f892e923b9303fe10a577

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    154314130d1e755549465fc1381b4886

    SHA1

    47860e6323b814d5e084db9b0be1f89baac62ec4

    SHA256

    1d967ce58efbeff9573f989bda90edaeca73e4efbd7336a3c77ce619ead889bd

    SHA512

    9a8470e05cd2ae45cec64c26c898785551d5ac12b4a381f40aef064bedc8fe7995a1dea51785433a017b473d2878a5fd273de5dba1a7d03df0f2c239395fec2f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b6d99d95e76f7527efd78a373ab6502e

    SHA1

    42d5f0b4b0ec595ff021361d679ae8251eb9eab2

    SHA256

    37e5eefbf0d67831c17fbb919997e09574b15415cdec0acc7e3af1e868b0a322

    SHA512

    269fc5b15a7ac3624ff098ccbac41bf00159a78dced48d31b3fe77b54011109143fd4306052540b0be5189944a685d658b0b4b8d91af18e83079ed7df1b28055

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    03e945c37c6d58d73bc0e7f8e062f505

    SHA1

    16f5c9364e1faba3d3c9704f976b3835cd3bef51

    SHA256

    217f96c89541665a68710a7ef4ac3d30de089ba77b9827a39b707e2a32c90dd5

    SHA512

    14e76c4fdb36713e435bfe3f59a1b7b5a789984cf8908694b54a7b50296704bcdb1ce2436696188e67b37815ce337c16551bcf52096cc92fe80f2616c779fdb4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    621eef58ff6cf54b73265e8c1ccc65d2

    SHA1

    f980f1f9c5603e6310457d0e5c8e1b93ba9c6dad

    SHA256

    4ff86c65320e4935fcffc322631bc5ed61c983d2d8117c703c7db2b8c66004eb

    SHA512

    589f5f294005e501618ea35baf1b1647a1af0a6f0f36381de3b095f1dd10c641a9db2648265fe61a062d4593345a7255f0ed22a892da97cea639467ce76f40fb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b5c718de3b0960ff402f9f8678f97122

    SHA1

    1bd8d375e665723e4850cad6ed5af7bd4bb3005f

    SHA256

    0a57c96360505d1ad55052dee1a1aff425cc541176d8b5227f522db613bedf19

    SHA512

    7ce5164f03b91d9ba0b4217228f2b3257adb0db2a3b9c17374c3c0a9b4461dc1c0b9ad7158552264a1f625dc6c6cdf56aca93f79a8403ae1f9d02f49ef5bc06c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    dee00a69f5e71e8d105341ccb547e4c5

    SHA1

    d3feea112dc8c51ccf7822344ab82d4ba385f89a

    SHA256

    6936e345fe83dc8d35026da7f99645ef0e586188b988140b99ba5d7ec35e50ec

    SHA512

    87e35ee9d14a8aec6145c1c7d9c8f1cc5ee26b7d31ef427b12a09c59d0de04a7cc5e5a4eb660080e476e37658d8891d2e8544c71bf55b2e27033b95de3366e9e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    12af94cb6a6e5ffbcf87206765fea9f8

    SHA1

    0a54d20cbfabbd97e2dc5c64fbae320dbbdf24c2

    SHA256

    c7a45288f562b853f5d4a7f5e698d366048316f1ac4e484ee14fb4e08167fdb3

    SHA512

    48634ef2a4e16d2c003f6cb535b4f807828f1d6b42d0fb816ec62e747c3b92fdc462e2ac33c1820bd4763392ec211f9fa50f84a45b1ad2159c362c13d681f348

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    107fcfa45183181e4c5424061d2a0b72

    SHA1

    78bd0147f7088e6661216cebbd7eae2ec550bc8b

    SHA256

    0a0973be3175e205af62326c77e1bb8d97e51b00e4415653a610acd70d5b3d11

    SHA512

    607e160c8267ae837772facf172f030f2eb718bf802f9fbeb8193661f6e4ee76b97c80379d5f349b64af4613265c2095d2b6a63fa4c1fb264e710631c2918032

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab6B7.tmp
    Filesize

    61KB

    MD5

    f3441b8572aae8801c04f3060b550443

    SHA1

    4ef0a35436125d6821831ef36c28ffaf196cda15

    SHA256

    6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

    SHA512

    5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar1654.tmp
    Filesize

    163KB

    MD5

    9441737383d21192400eca82fda910ec

    SHA1

    725e0d606a4fc9ba44aa8ffde65bed15e65367e4

    SHA256

    bc3a6e84e41faeb57e7c21aa3b60c2a64777107009727c5b7c0ed8fe658909e5

    SHA512

    7608dd653a66cd364392a78d4711b48d1707768d36996e4d38871c6843b5714e1d7da4b4cc6db969e6000cfa182bcb74216ef6823d1063f036fc5c3413fb8dcf

    Download Submit