Overview

overview

4

Static

static

4

BINDInstall.exe

windows7-x64

1

BINDInstall.exe

windows10-2004-x64

1

Bv9ARM.ch01.html

windows7-x64

1

Bv9ARM.ch01.html

windows10-2004-x64

1

Bv9ARM.ch02.html

windows7-x64

1

Bv9ARM.ch02.html

windows10-2004-x64

1

Bv9ARM.ch03.html

windows7-x64

1

Bv9ARM.ch03.html

windows10-2004-x64

1

Bv9ARM.ch04.html

windows7-x64

1

Bv9ARM.ch04.html

windows10-2004-x64

1

Bv9ARM.ch05.html

windows7-x64

1

Bv9ARM.ch05.html

windows10-2004-x64

1

Bv9ARM.ch06.html

windows7-x64

1

Bv9ARM.ch06.html

windows10-2004-x64

1

Bv9ARM.ch07.html

windows7-x64

1

Bv9ARM.ch07.html

windows10-2004-x64

1

Bv9ARM.ch08.html

windows7-x64

1

Bv9ARM.ch08.html

windows10-2004-x64

1

Bv9ARM.ch09.html

windows7-x64

1

Bv9ARM.ch09.html

windows10-2004-x64

1

Bv9ARM.ch10.html

windows7-x64

1

Bv9ARM.ch10.html

windows10-2004-x64

1

Bv9ARM.html

windows7-x64

1

Bv9ARM.html

windows10-2004-x64

1

Bv9ARM.pdf

windows7-x64

1

Bv9ARM.pdf

windows10-2004-x64

1

README.vbs

windows7-x64

1

README.vbs

windows10-2004-x64

1

bindevt.dll

windows7-x64

1

bindevt.dll

windows10-2004-x64

1

dig.exe

windows7-x64

1

dig.exe

windows10-2004-x64

3

Analysis

  • max time kernel
    117s
  • max time network
    184s
  • platform
    windows7_x64
  • resource
    win7-20231025-en
  • resource tags

    arch:x64arch:x86image:win7-20231025-enlocale:en-usos:windows7-x64system
  • submitted
    07/11/2023, 14:11

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Bv9ARM.ch06.html

  • Size

    412KB

  • MD5

    e30defe6fa71507aa0f122a1ec7f92d5

  • SHA1

    67c4226754655ec6ce2294fd7b2d29af2afd44e6

  • SHA256

    fd41fef393b888104cf69600a29726e49947960f0f93cc38cd7f401ab46a541f

  • SHA512

    c61736a296b0981c9075ef97cb4d034aa3caf175b135e507c90e5a681ed67377f3614dab62446eec227379c9c35e5ca00d2fab1c6c7ec6c6ec97fe2dbb5646b4

  • SSDEEP

    3072:A5er53q5/tpk2FBCM3HeVSxS2lTWSV931ZVeRVGCUi5RPcNy:AkYnkTLSYVGA5RPKy

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\Bv9ARM.ch06.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2160
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2160 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2988

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d50cc7b918944be9ec305c430070f9fc

    SHA1

    c11840c923ba521eff0b80c961d36374d42e4d4c

    SHA256

    e4da4c0300e82ec3c6edc68033cec2473dee4b7445bbb5d6c570cad52b6fbc42

    SHA512

    06e7532b52c80078588de1bfbdf7c551f7db58782a6b295f6a05b98a712d77b5c044f39ada553cfbcd27a2541daa5b51ffb1d4274cbfb22a994c60a8ac38100e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    488816b65144182941ed98e9eff380a0

    SHA1

    43b28ee087dfe102e60809dd53ff1b33f4db5d25

    SHA256

    d1fc06ec02ba5712146ff91403eb5d77818ffd29da756b5f2ed16e421e0b160f

    SHA512

    513bd7ea6cb270a6fec9e632480e45db676278b6248ed76e1d7f44474bd3f170917a2f90d4d2cd344522d4e4ab8e22387ac82b0d6b99c36e77b4b439493474dc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    fd0ec84a05c972041336c47446f39c5c

    SHA1

    7c588d9d25c3e5176f0e4e160195322be9f5e396

    SHA256

    74dc7e2a81bf5ac76f1bfc5cd89fdc6823f4fee164f6a025c25efac496fca834

    SHA512

    7559946069f785aab931d26c39dda87d9222f621c35a0be90139cbcac54c04404de3da3cb67727ceadf71d8d7d796952b53b083f6a35b435132d0fe0c431e9bc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    af1c547516c1b2f6c96d481668608f4d

    SHA1

    c87f5b95bad047e7f29d8e1f398feadec7813408

    SHA256

    8fc04c0d8c145ec4269d5ba5714a24e86915ef013ac0b49bf850323776fd7aa4

    SHA512

    36b0570fc784f27168358c6c1e5a68bdff9e3f7d67d5aa5fb4ced7753d8692c98914bb9344d7260909dd91726cc7144f4d0bf7fba7a3138723372a3cac162e61

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    3a7678793a9335cbfbf55c0927c5f62a

    SHA1

    482f9c92d4e5f2ac466143b67d8360c66d34bef5

    SHA256

    fc9e79b48428f3a7a92ef97e1417bfb3e639bbbd8864cdc15f8d7af9e5f64e23

    SHA512

    7b85c380f2b5720e3aff93f071f40526a5659e08826476b3c148ecd8dadf444c988cdd42c766d979bef2defb9b0b73135b2b04b40e39a3cb31846eef2bdfe9f8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e863653dda4ca80bde7e90cd950980e6

    SHA1

    4bb92dc1bdd519c7f812d80a28affcbef4316ecb

    SHA256

    5f658dee8f8fd148fb892d0d7e49b3c0a7ea08a646ec322a87297dc90e0e1a49

    SHA512

    c3b31d17768116e632c59d404e8b038960e470ee0b1fa38af0261c8b257bc9bdc9e7af087bf42cc206c52e1e325a1fa7a0a836dd72ec38643a537ac4c2cded89

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e0de02ea5a3e070361092add1abc65be

    SHA1

    5d15ad979a09bfa0b31bd71942642e8b8b3fa332

    SHA256

    eeffb4566e50911e508b483d98170546981c17c188db789d01b21f08c95ad8d5

    SHA512

    0c541726766fc5cfbe63965631ebe6eb47a5c9ab41b78c5f67bb8f98cc091ec1fe741da5865247be596b926df2324e4c694b1fa6e9420f544a2ab08b58b7412b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    53fdbc8d119339431dd947fb87bdfa09

    SHA1

    06262556547ff79cc222d9552ff3a5ddc2943ce5

    SHA256

    54c8d333f2701abe8c7794c9b41553030ef38c825ad10a92a3c9a458ace152de

    SHA512

    65828969de25c728111f95f9b871c578aeb91b82f331ccd5bb8279e0f76635e92893d6648c3dccb04f3e70caf112f2f506f5031e67cd3904c8274e28aaa653b3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    cc0f35815c4169f7d7a5024d62de919c

    SHA1

    274e651efadf41462ee765008674fc1891f81822

    SHA256

    5767789ed0a12a568ea7eff12d788a6f9bc043a4dc2115b81b80af362f9dbd68

    SHA512

    b7b19b027955db560d503e2797e3aa823183853ca419bc437dfa16a8efd6dc201b74dd85791a81d4a6d2e649c54321379035b5f4129e5ed9c1429cde339b62e8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c52b64719d15f0f63e0e9df443ab3423

    SHA1

    4119da9c8b49342a0736dc7e8f3d59eefda6591d

    SHA256

    fa99a454d86e13c645f6554d3fd930f09bf44b14ce2ef6e52c4e6532c6a034e2

    SHA512

    0a9c4adca22dae07edb879a6d968a9d130d71eabf43992975f973a78c2b601f9ce97139d19fba212e377e1436ae21d30bedb1f8b8f00c8b3c985117b4852fa35

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab3E7A.tmp
    Filesize

    61KB

    MD5

    f3441b8572aae8801c04f3060b550443

    SHA1

    4ef0a35436125d6821831ef36c28ffaf196cda15

    SHA256

    6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

    SHA512

    5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar3E8C.tmp
    Filesize

    163KB

    MD5

    9441737383d21192400eca82fda910ec

    SHA1

    725e0d606a4fc9ba44aa8ffde65bed15e65367e4

    SHA256

    bc3a6e84e41faeb57e7c21aa3b60c2a64777107009727c5b7c0ed8fe658909e5

    SHA512

    7608dd653a66cd364392a78d4711b48d1707768d36996e4d38871c6843b5714e1d7da4b4cc6db969e6000cfa182bcb74216ef6823d1063f036fc5c3413fb8dcf

    Download Submit