Overview

overview

4

Static

static

4

BINDInstall.exe

windows7-x64

1

BINDInstall.exe

windows10-2004-x64

1

Bv9ARM.ch01.html

windows7-x64

1

Bv9ARM.ch01.html

windows10-2004-x64

1

Bv9ARM.ch02.html

windows7-x64

1

Bv9ARM.ch02.html

windows10-2004-x64

1

Bv9ARM.ch03.html

windows7-x64

1

Bv9ARM.ch03.html

windows10-2004-x64

1

Bv9ARM.ch04.html

windows7-x64

1

Bv9ARM.ch04.html

windows10-2004-x64

1

Bv9ARM.ch05.html

windows7-x64

1

Bv9ARM.ch05.html

windows10-2004-x64

1

Bv9ARM.ch06.html

windows7-x64

1

Bv9ARM.ch06.html

windows10-2004-x64

1

Bv9ARM.ch07.html

windows7-x64

1

Bv9ARM.ch07.html

windows10-2004-x64

1

Bv9ARM.ch08.html

windows7-x64

1

Bv9ARM.ch08.html

windows10-2004-x64

1

Bv9ARM.ch09.html

windows7-x64

1

Bv9ARM.ch09.html

windows10-2004-x64

1

Bv9ARM.ch10.html

windows7-x64

1

Bv9ARM.ch10.html

windows10-2004-x64

1

Bv9ARM.html

windows7-x64

1

Bv9ARM.html

windows10-2004-x64

1

Bv9ARM.pdf

windows7-x64

1

Bv9ARM.pdf

windows10-2004-x64

1

README.vbs

windows7-x64

1

README.vbs

windows10-2004-x64

1

bindevt.dll

windows7-x64

1

bindevt.dll

windows10-2004-x64

1

dig.exe

windows7-x64

1

dig.exe

windows10-2004-x64

3

Analysis

  • max time kernel
    134s
  • max time network
    141s
  • platform
    windows7_x64
  • resource
    win7-20231020-en
  • resource tags

    arch:x64arch:x86image:win7-20231020-enlocale:en-usos:windows7-x64system
  • submitted
    07/11/2023, 14:11

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Bv9ARM.ch08.html

  • Size

    6KB

  • MD5

    2ac843ba202786c7744142ff56d532bc

  • SHA1

    3db6b975b1f54d9eb20305b9898ae64f6f57fefc

  • SHA256

    254e85ac79ce52edb53e4bc27c3e39a4870c795ca8efdbc887db12c32a697c49

  • SHA512

    82da5433999a0a9d052f977c472de0703600ff080da9fc8e44f15a701b3d88d8fbb07b853dd8b27bf78864c4f635a5e8abc35fc098a166582e5e2d3d70bf43a7

  • SSDEEP

    96:dAvOHe594P0VVoIJNaLga+AK3fmeeXUqvqY/6e4eQtee3NedL3n2AeA4gonFPmnE:WvOHADJNSigDSzNlXFmyGivN80

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\Bv9ARM.ch08.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2420
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2420 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2052

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    cd89f96fcd1a9948da8a97a26457b625

    SHA1

    c4db389e4e18037ac7583cce5b5a73fe73586c3f

    SHA256

    e3f3532118ff8dfbf9ab36df602b3340ea62702ea272511acd640230e6fd5d05

    SHA512

    d811db707b80846e1e200032a254ab5e6099bffbbc5783e42450d321b2104b337a23a5e33fb44d325d12e4f5747b3b138c2739ae565ca8ae914d2d553046196f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    67c82c73974799bcccc6fd85fd9034ad

    SHA1

    1ef5c7b0e0e9282f350106c809edabeda388865c

    SHA256

    d80f9f5e39fea67e4e4b1518b872a7c5ceb6dbc4599c7c55d2401e751247d83f

    SHA512

    f05b30cbfe0d950eb3650fdc23c34e632a8a8f055a1e0b4a2b083bc6cf78564cccefb27ae38aabde48472e62b1c074fdaab0295c23fb1531adf79f758325dfd9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c9bd857da3fe27c122c287fcfa16e226

    SHA1

    016a46ca17ed667577281c108e59737aa76b7f47

    SHA256

    d184b33f0bfcf065de3521656a960c313145f1ef803823bbacfd662279d5763f

    SHA512

    2fcba5983abbb1eea30ce9825c274bc1695d4be97d1110cbbc435d0b6f5fcce93df7f12ba52d37399c9f55bcb301cd57152ec11e076c71f2b5379e0b92fecbaa

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    3333a05e117843bd8587176072b1204b

    SHA1

    f844740b4101a5307b1626ff2afc7df8d2b26a24

    SHA256

    4222d17bb67af0e736a1dc04c0ff94d94ff58353f20328567a527a24019dd3c3

    SHA512

    8367f26fb45489c29d9bbf029e0246a1c76bbe46ff4e60f01311b0eb24c86f65119f461b2aab49277e5bc66c929812a6820c6aef1f932d6484ea75ab1bcd2b02

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    64abb50f8dfa629082e5ee0aef04bfe6

    SHA1

    f100c48dea5489792b41662512ba36dd2ac488b8

    SHA256

    7d9c0955857f5c1664ce740e61a0673ac5799c2fce23e8c42718e443dfae095e

    SHA512

    d9a3450b770ded147d399606ba275b3300b0e6f6d6081a5f8ff1e52c47a8d98af3c9de2ae9e7a057fc8377b67498504173f807f76fdc955b027d9d3ffd210a26

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ebc6f4b5c75a650c1daf368be932f0be

    SHA1

    16d9a10919493164104e16c797d356a310e82de8

    SHA256

    6ddc930bbd7a11e45e0bc4a68333121ec57996d284c0fc2b7faec61e2ee71e52

    SHA512

    2f2a1ee6acea4b13c3ed912a54abb60154119502d079c98b425b7634b7af9df94fd95f60384b6138581d0dc66481517fe6d78f6d3a84865865463d86e198b1ec

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    2db0185fe195acb282cda7227adc9785

    SHA1

    687c0aa59d0a31ef7181dee14c27740bd48cebb2

    SHA256

    aeaf37f8939d54504a41f91c568e68ad34864533ac1967a494df217867f5d5f0

    SHA512

    0bc96e3898bd9bd31d44e6bc71a0ef86174a18598f3ec851e6d76a0f74cdce88a9af8d781578334c4eab039c6672d44f5634a4455b21b450dcc07a238dd7e373

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    68379dd6d807e034aa3cbc54c67a0267

    SHA1

    6b3293273fcae8a05a0a4ce4e4adb131e499141e

    SHA256

    bb653fbb9617f718fc7c7a88b15546ac859e7ac47d16a4073ec17a786b51218f

    SHA512

    1753304d9b695096591d345c5118709ee66cf209fbb4f65d8893264098c6818c97061e300f9fc2b266200d56dea60264855df09de25bc4553f35d198e8eb6641

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f525e65228f6cb35dfb4709387d9a805

    SHA1

    6f8bf3d0d8d6dc333321ed9d04fe94063caa407e

    SHA256

    beb42a35aafe07d67d993fc40feaf0c467477ea7d0f4366371d314c950b12b01

    SHA512

    540cab5557dba0792a2ada0fcc1c53ffb4c267a8bf9cf2b8f882f3859bfec3090feb950a8393c3d4b35b34e8082d3bf2a05ac27727733d9d3dce3c9a1d7fdcb9

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab77C1.tmp
    Filesize

    61KB

    MD5

    f3441b8572aae8801c04f3060b550443

    SHA1

    4ef0a35436125d6821831ef36c28ffaf196cda15

    SHA256

    6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

    SHA512

    5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar7842.tmp
    Filesize

    163KB

    MD5

    9441737383d21192400eca82fda910ec

    SHA1

    725e0d606a4fc9ba44aa8ffde65bed15e65367e4

    SHA256

    bc3a6e84e41faeb57e7c21aa3b60c2a64777107009727c5b7c0ed8fe658909e5

    SHA512

    7608dd653a66cd364392a78d4711b48d1707768d36996e4d38871c6843b5714e1d7da4b4cc6db969e6000cfa182bcb74216ef6823d1063f036fc5c3413fb8dcf

    Download Submit