Overview

overview

4

Static

static

4

BINDInstall.exe

windows7-x64

1

BINDInstall.exe

windows10-2004-x64

1

Bv9ARM.ch01.html

windows7-x64

1

Bv9ARM.ch01.html

windows10-2004-x64

1

Bv9ARM.ch02.html

windows7-x64

1

Bv9ARM.ch02.html

windows10-2004-x64

1

Bv9ARM.ch03.html

windows7-x64

1

Bv9ARM.ch03.html

windows10-2004-x64

1

Bv9ARM.ch04.html

windows7-x64

1

Bv9ARM.ch04.html

windows10-2004-x64

1

Bv9ARM.ch05.html

windows7-x64

1

Bv9ARM.ch05.html

windows10-2004-x64

1

Bv9ARM.ch06.html

windows7-x64

1

Bv9ARM.ch06.html

windows10-2004-x64

1

Bv9ARM.ch07.html

windows7-x64

1

Bv9ARM.ch07.html

windows10-2004-x64

1

Bv9ARM.ch08.html

windows7-x64

1

Bv9ARM.ch08.html

windows10-2004-x64

1

Bv9ARM.ch09.html

windows7-x64

1

Bv9ARM.ch09.html

windows10-2004-x64

1

Bv9ARM.ch10.html

windows7-x64

1

Bv9ARM.ch10.html

windows10-2004-x64

1

Bv9ARM.html

windows7-x64

1

Bv9ARM.html

windows10-2004-x64

1

Bv9ARM.pdf

windows7-x64

1

Bv9ARM.pdf

windows10-2004-x64

1

README.vbs

windows7-x64

1

README.vbs

windows10-2004-x64

1

bindevt.dll

windows7-x64

1

bindevt.dll

windows10-2004-x64

1

dig.exe

windows7-x64

1

dig.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    134s
  • max time network
    169s
  • platform
    windows7_x64
  • resource
    win7-20231020-en
  • resource tags

    arch:x64arch:x86image:win7-20231020-enlocale:en-usos:windows7-x64system
  • submitted
    07/11/2023, 14:09

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Bv9ARM.ch02.html

  • Size

    7KB

  • MD5

    f588f71f06658473e590951e7fd6e571

  • SHA1

    3f9530921855ff0a487b3e5cfdfba34684892731

  • SHA256

    54a7e645cb4ed230b2947dd38ab5151799a6dad08854bb5b42931f35ee1113ae

  • SHA512

    734b9c831e5aede22e5fc8c19ad8d9b080b080aa3930ebce9f979e5850f2a5551e90f9dbb80aa2ad157d050868b6536f84a3c4298abff70608b9835ece0716f2

  • SSDEEP

    192:WvOHvrQlNSgqkDqjKYOOmmGDdrvvI16zGU2Ujl/EbzTR7nV3xuFm0:WvOPrAYjxaLxG6QxSJ

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\Bv9ARM.ch02.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2680
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2680 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2684

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    033da6bb63b4d3ee8c4e22795c490ef0

    SHA1

    665d0fec556e497ad0dc110f6755a0e640cae178

    SHA256

    8376ff4f6b66735992f674730449f0b40d07c7f76d049604a960b3b6dddf0660

    SHA512

    4829872b7599930c9b2b71d8730c90a83aafe5e89998b0158183c4d9bd531e1bb1faf31903d1d7a46a009ca43533d4ff1cba73e7542c672919cc90e011a76cb8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f36ac1f2259824ec16d049f6dfd7afb7

    SHA1

    e7474506ddcd53400ac92b690d029477deb2831c

    SHA256

    ae51006025c3de55566e65076992af7e9fb786f53edf0cab5b6d185f4481b093

    SHA512

    f462efc60b1d838e7652d656b3df4351dab991414bdacb3cc7119d5519e1bdf6f913ca7c0578bec07f8979fd7f01b95d22aecb6998fa55471f6a42f39dd2b416

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    997f3e05d1755c32c88fcf3f5408da3d

    SHA1

    a17bc5851a5b13f73ca0aacb10c9d471703bf8ba

    SHA256

    cef7fcb8da677bfd6526bb3f9d9d2889445dcc14224b97b81a5cd05a36c4e9a5

    SHA512

    126511d9f1a3584ea41b9065a873e7aa1fb48c5db6caf59f8112941c977c5f2f1a868188066aaa705c76569fd4df5f0e8feef51b6eaaf7e53d0762bfbcb69437

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c65f94d7ed192b90b10491dff5171af7

    SHA1

    ec0408abada9f08e02aa4d04d1fe4ef603339010

    SHA256

    36708fd2d1b93ec3237003b5b3e8ccd151958f9714969a15d6fab0cf9714d07b

    SHA512

    ca3b4ebc68ae41d0c1be7c26e5a18fbf2e1489f89eab70817ecda902af687a35198c9f7c0c73c63df0ec6308a7e13fc56987fefedff1f5e9a069b0b107d6270e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    bfe47193ec691bc51052b371177eece2

    SHA1

    094e62a267238bcac0b22d23a7647ac9ca380e1a

    SHA256

    5fac54567f6cf22de14862259a2846cfe7f270748fe98ce95ec8dbb71e7bc37e

    SHA512

    2990711b4e6d5f1632abbca5328fe4fb71dcd6702fb2cbe3c2d7ffa33eff99ef6c39c71cb228c302309c32e8ce7d4f615da2bfa66ed6c4b0cb596cd1e3be4d6a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    4ce013bc604cde716251bca9dcf77adf

    SHA1

    5c7e34e189abd16425e70eb34aca5fff79014589

    SHA256

    cd1e3419b777fdc0be517630cc4f8d2616dea370f5f2dcf2fa2107e429ccca13

    SHA512

    eea0529dcb2eef4ef5ef7fcd0b85a230a5dd86619e3f116616dbc8c78d5d63e80247dbb6629ee9a644920c2b5d4dfc1071e97ed6719e795f38a7342c1aa50d51

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    23d4fe475bf471f04857ec0c20122212

    SHA1

    7cb5840f432fe0ec32094f2ae353a3baad3ee041

    SHA256

    989c00253dcc09cfa986e1e637a681df870b01783badc94268ac26a4be4bfa18

    SHA512

    2a756f07a2cea348a8dff1604c3045ff14f96eae0d3683bb0f5531aa6747acf7346624765afc6166ee38484ba0e0456c3abb9887c554c47c23db91927d78f49a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a71a59337385ef8d39224c2f8b381eee

    SHA1

    7b4d49419b596bded6feff1bae058eff9213f062

    SHA256

    5c9158e5ae6d4e2367e86c0c6ec1a260be76575969a86aea12447c52e77da665

    SHA512

    b437b7e1c6392c5d4dcb90067a792250572ab632edea8590fadc868ed7b14dc62fc6da47447c6d70e103ec55b158b6d3e6010d4d6c1e034ae46ff72b1bfa6e10

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    87362ae08f28d362b84da8236eedfda3

    SHA1

    92f531888b3234a9b06ddcbc2d0b4add9501af08

    SHA256

    2797c212bd67faa6282871a898cb921d6a934aa42e0286e8482f401dd96aa22c

    SHA512

    e54ec290be4c5dee3c09ccfb8071c400bf6f24481d5e33a633a665369384ad9508e7e981d3463eefa9cbead4010c4648f3a914c3315ede9612f0a193a3ff5422

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabBCCB.tmp
    Filesize

    61KB

    MD5

    f3441b8572aae8801c04f3060b550443

    SHA1

    4ef0a35436125d6821831ef36c28ffaf196cda15

    SHA256

    6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

    SHA512

    5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarBD7B.tmp
    Filesize

    163KB

    MD5

    9441737383d21192400eca82fda910ec

    SHA1

    725e0d606a4fc9ba44aa8ffde65bed15e65367e4

    SHA256

    bc3a6e84e41faeb57e7c21aa3b60c2a64777107009727c5b7c0ed8fe658909e5

    SHA512

    7608dd653a66cd364392a78d4711b48d1707768d36996e4d38871c6843b5714e1d7da4b4cc6db969e6000cfa182bcb74216ef6823d1063f036fc5c3413fb8dcf

    Download Submit