Overview

overview

4

Static

static

4

BINDInstall.exe

windows7-x64

1

BINDInstall.exe

windows10-2004-x64

1

Bv9ARM.ch01.html

windows7-x64

1

Bv9ARM.ch01.html

windows10-2004-x64

1

Bv9ARM.ch02.html

windows7-x64

1

Bv9ARM.ch02.html

windows10-2004-x64

1

Bv9ARM.ch03.html

windows7-x64

1

Bv9ARM.ch03.html

windows10-2004-x64

1

Bv9ARM.ch04.html

windows7-x64

1

Bv9ARM.ch04.html

windows10-2004-x64

1

Bv9ARM.ch05.html

windows7-x64

1

Bv9ARM.ch05.html

windows10-2004-x64

1

Bv9ARM.ch06.html

windows7-x64

1

Bv9ARM.ch06.html

windows10-2004-x64

1

Bv9ARM.ch07.html

windows7-x64

1

Bv9ARM.ch07.html

windows10-2004-x64

1

Bv9ARM.ch08.html

windows7-x64

1

Bv9ARM.ch08.html

windows10-2004-x64

1

Bv9ARM.ch09.html

windows7-x64

1

Bv9ARM.ch09.html

windows10-2004-x64

1

Bv9ARM.ch10.html

windows7-x64

1

Bv9ARM.ch10.html

windows10-2004-x64

1

Bv9ARM.ch11.html

windows7-x64

1

Bv9ARM.ch11.html

windows10-2004-x64

1

Bv9ARM.ch12.html

windows7-x64

1

Bv9ARM.ch12.html

windows10-2004-x64

1

Bv9ARM.ch13.html

windows7-x64

1

Bv9ARM.ch13.html

windows10-2004-x64

1

Bv9ARM.html

windows7-x64

1

Bv9ARM.html

windows10-2004-x64

1

Bv9ARM.pdf

windows7-x64

1

Bv9ARM.pdf

windows10-2004-x64

1

Analysis

  • max time kernel
    118s
  • max time network
    169s
  • platform
    windows7_x64
  • resource
    win7-20231020-en
  • resource tags

    arch:x64arch:x86image:win7-20231020-enlocale:en-usos:windows7-x64system
  • submitted
    07/11/2023, 14:17

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Bv9ARM.ch07.html

  • Size

    11KB

  • MD5

    e2559c7bf9554287839386eb48ed1be8

  • SHA1

    e83992027fe9a0a2ebee5ba6cfdec9c993d6732f

  • SHA256

    c8dd21da842f4bc6ab6b17b4b8d6976274bc9c4b6cc63b23532a0eb308e09d09

  • SHA512

    f017873d5fa2cafc41f223c5c366929c7935584b65cd84f5617820dd6d7bb6214cc777d2da587d8a6eaf32c8c89bcee42f714cb0a413e46ec1b7558699b9211a

  • SSDEEP

    192:nyvOHk1FNSMuoTz4bOTtsorY4k9h6B30rK9hM0PkmP+YCBFbV:nyvOErYONtsoqUGOPq1V

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\Bv9ARM.ch07.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1084
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1084 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2392

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1e63326f47981594ae6406ef8dbf01b7

    SHA1

    09cd64339ee99c8351036cf88308ef77dff54246

    SHA256

    270e8fb4418144f3df2f0c8e32424b7dd5d91fb69fc244182cca2fb8a3f300a6

    SHA512

    bbaf434951d5347bc5695a566a00754629eef37198046e2a58a14bad5c90ba5c00d8755621fd10ca1d4791ed39e312445ce85810199f6de39182d43e3e04aacd

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1482980af4a1a9c6510dd287127e696f

    SHA1

    c972c610ed342b8889be6b73a1ed8e1e7e5d1f09

    SHA256

    083d3d4fc47cfd94107d2c0b6493696843f4ea798d77135bcf9ddf17f2cbba5d

    SHA512

    7a51b511fbfa6b603990a542a897288ed0f9a6e9f710ba1a65c35d6287c4dace78b3cd71450a9dc05d67416e3c7b136b335e4a934b3639ad5fc60059c4af7953

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    4563d4e2e667599c9ab36757e1e52e2b

    SHA1

    3ab69d4bc2819002f57a5b7c15b58b3350078e60

    SHA256

    6bcbd62674c404b1261ae5d7c49d5edfce63d30b643e2a13ec0ee1e1fdc9d12d

    SHA512

    50dc997c67dfa9a520e0258291a076b53f1af62044c3025118846d351b3997d56f66da4736b07b47b9d2320de6a5cc6eb44f09a341ca94931c6330528dc5a0ed

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    909374c4f2e33fda99eadffe485ddcc2

    SHA1

    9aab47a66c9e026ca4c98066afd0fdaae24fa42c

    SHA256

    e8081247d82b60e326b2d1409056c68a5ab58a7b173ad3cd4e2c3cc0244737cf

    SHA512

    2aaf3ccd6fd0aa14ce870fb1cfc760305254c042a1e69ebc8680c295dd182f47254ecf6f1eafd606685c96813b3bc0cbe2fbef733d0354019f619f0ebd33a3d2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ebae4ffd3769cd4c68dd58a6e6fe6daa

    SHA1

    8280b0653c16747835082c421c4a9a8bf47b11fe

    SHA256

    5eae164172ccebd29f66773b3440bd84ca8adbc8088e52c80a89bf78ec89211c

    SHA512

    3d1d68ff09e663f4fda93ce237c5325f9dd1921917f8d68c7708265d4295edde9675f4e5f031e8a072fdd6e85794cdd39488865e8e086d3aec00362cd4acd0da

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    5e70f32438c0b90d41066d67c56214f6

    SHA1

    e93d1ae608954821c1dae704c04d3acde62df7e8

    SHA256

    ee7578ef201a330fb764f27c4252a91727ca5a6835150e237f3b6ca54faece7c

    SHA512

    27b874afb6e4b8b8d0f01afb588153df07a992c0c549c15fb90f05bad7ca82d2bdc7799662f5ebb29738939bb65dc2e6d1e5c75c399813972f14b83601fb4993

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    333f76c0ce5404e217edbe69d9aacb7f

    SHA1

    e663096b613f7aa0d5db9bac1cf07d81d18f5837

    SHA256

    2284b251f21afe414f091fb93862168b3bdcee17862ac4d0656227ab0125099b

    SHA512

    a368e78dbb91505927af72090b143895da9c1e4e4196f8906f969a9a4275741d5777f80e4790f3690e908336b4a61acff0e6fc431259ee96effefa6cd7a0872b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ca80485b12e64ecd59a904e11c298f9e

    SHA1

    b4f5c18acb4a02f5b09433f215edf1aa5577d628

    SHA256

    2c6a46f6d55dc18b27c443a5729cccfc1fc56015d60e3d62a64bd5efa4be3fe9

    SHA512

    8e3937973221a26ac67c7c103132f52d02286aad6e2115317d50763acf05f0d04363f40dc94009630c1a56da6907a076f8ba1ae39e0a5115a209f76ade9d4348

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    0ca840dcd974e92a056940c0025c277a

    SHA1

    eaff20048bbc6176c3a16ffb8c75b24ab7a808ab

    SHA256

    6b91d3a27cf4746749e834f96b427959d2a9b4d4fc0fe4975919ba525017c43a

    SHA512

    cf41459cb51067d321b258403993600a98bbe737a63227e6459942bd179e8e477eb326bec5debfbe72572bc4643acacd0e2e95875de10ac0053e938e1701c3a5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c883d37bcd4a28e8239f5bed560c1e99

    SHA1

    8bb1886e362f9f39dc2793fc94b6b020ca223d39

    SHA256

    c3219450ce0b548234d585734906d8201718a40995631cf2b11c9ad5ffe5b9c5

    SHA512

    8f874d5c26ec7ac882e91d68fc67704c04bf7c368b925f872908fb1af19f94d82afb1292219551c537c8c15272c0f96c9e440acfd40e4e62f85659b28ad89cfa

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    28af37d69a3e8ca8abb7eb354e7ff488

    SHA1

    75d98dbad2f2c89bf8527ef2d5ba7ce4c9550d39

    SHA256

    a500ebd87563078f87d4d9184e577c6fdedcf3bdbaa4e1683a27aa8148ce3233

    SHA512

    b139393b9dd0404aea4b6720979d3dc54d15c54f0718497de95b4ca84098d81e614e15ce8afd8bd2c1da1768a4ebe2c4ab94a509ba6a17a15d879b017d0d6b78

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabECC2.tmp
    Filesize

    61KB

    MD5

    f3441b8572aae8801c04f3060b550443

    SHA1

    4ef0a35436125d6821831ef36c28ffaf196cda15

    SHA256

    6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

    SHA512

    5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarECD5.tmp
    Filesize

    163KB

    MD5

    9441737383d21192400eca82fda910ec

    SHA1

    725e0d606a4fc9ba44aa8ffde65bed15e65367e4

    SHA256

    bc3a6e84e41faeb57e7c21aa3b60c2a64777107009727c5b7c0ed8fe658909e5

    SHA512

    7608dd653a66cd364392a78d4711b48d1707768d36996e4d38871c6843b5714e1d7da4b4cc6db969e6000cfa182bcb74216ef6823d1063f036fc5c3413fb8dcf

    Download Submit