Overview

overview

4

Static

static

4

BINDInstall.exe

windows7-x64

1

BINDInstall.exe

windows10-2004-x64

1

Bv9ARM.ch01.html

windows7-x64

1

Bv9ARM.ch01.html

windows10-2004-x64

1

Bv9ARM.ch02.html

windows7-x64

1

Bv9ARM.ch02.html

windows10-2004-x64

1

Bv9ARM.ch03.html

windows7-x64

1

Bv9ARM.ch03.html

windows10-2004-x64

1

Bv9ARM.ch04.html

windows7-x64

1

Bv9ARM.ch04.html

windows10-2004-x64

1

Bv9ARM.ch05.html

windows7-x64

1

Bv9ARM.ch05.html

windows10-2004-x64

1

Bv9ARM.ch06.html

windows7-x64

1

Bv9ARM.ch06.html

windows10-2004-x64

1

Bv9ARM.ch07.html

windows7-x64

1

Bv9ARM.ch07.html

windows10-2004-x64

1

Bv9ARM.ch08.html

windows7-x64

1

Bv9ARM.ch08.html

windows10-2004-x64

1

Bv9ARM.ch09.html

windows7-x64

1

Bv9ARM.ch09.html

windows10-2004-x64

1

Bv9ARM.ch10.html

windows7-x64

1

Bv9ARM.ch10.html

windows10-2004-x64

1

Bv9ARM.ch11.html

windows7-x64

1

Bv9ARM.ch11.html

windows10-2004-x64

1

Bv9ARM.ch12.html

windows7-x64

1

Bv9ARM.ch12.html

windows10-2004-x64

1

Bv9ARM.ch13.html

windows7-x64

1

Bv9ARM.ch13.html

windows10-2004-x64

1

Bv9ARM.html

windows7-x64

1

Bv9ARM.html

windows10-2004-x64

1

Bv9ARM.pdf

windows7-x64

1

Bv9ARM.pdf

windows10-2004-x64

1

Analysis

  • max time kernel
    251s
  • max time network
    322s
  • platform
    windows7_x64
  • resource
    win7-20231023-en
  • resource tags

    arch:x64arch:x86image:win7-20231023-enlocale:en-usos:windows7-x64system
  • submitted
    07/11/2023, 14:17

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Bv9ARM.ch11.html

  • Size

    43KB

  • MD5

    2d1ee772eeceec62e6a72454c44c9abf

  • SHA1

    c6d89986b9570baad733acf068134d732efb88ec

  • SHA256

    f8bfc5cfebdc443a3b0e9914dad84b6d1385b75ae1ec1545d73989ca33542f91

  • SHA512

    591e4c6834ea88f1e0acd3beffd0093f41e8f3fe8298bf2f388d33620a2d0d8b4ba50d11fc10ecbe8f6659aff792e36e1f43c1c9d99e7af8e78c574f427c7836

  • SSDEEP

    384:nyvOB+EYz2BK1siN8835lKDBzjyF0JapYieHMPt4/UEurt2EVsmTBlhBv9y5YV:n0OcMg683mDJJOt4LXEaK0A

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\Bv9ARM.ch11.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2652
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2652 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:3032

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    0f57d741b021734825eb302b505cba0f

    SHA1

    66c00a53cdb16cda771bc057697da78137916b30

    SHA256

    2d22f4c00576904bc2414bd790c489f51ef1aabedb2823bbcbdd1da7fa96ce36

    SHA512

    a4803f90c25976676ffb72fca438108e48273c86dffc2afd2a824ebe10e976d7afcec09c817dcfde1ae118d17c25d84dd5dfc8969f073a92cd371383efde32e2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    24eac9759f5ffe0d18dec80bb35fa28a

    SHA1

    d3623246827e2cb7d649f72bab584c7c93d2c41d

    SHA256

    e15e4b87d39b0f8781fecb0efd0a6eae1ab0022f963bab6096ae938fa4a98362

    SHA512

    3dddfbe96614dd754ed27e77d08480396612c326a68042a19c634725078b0772690b017d9f4546e2b4592210dde3c9b5591cd4f50748d780f8fc308d750f74a2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    9fe355b59b6f51b04ef3d70de1ee4603

    SHA1

    5edd3376a003777b6ba2c6e8a8c316b1a2855714

    SHA256

    fa2f6891247ef95cc0d2e1a2749e0379a2aa4135e7d3ae41c67b74926b390900

    SHA512

    a4126d49029c349abcc2d8729e9eac13e95c30d446d7e003dd0706d9336e3f83b626d4fbe700833ec4195576aeaa402257288cfb2e64dfa32e460f1f0af6f045

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    8bc838e6791afc2a01f3127348895c02

    SHA1

    116b54e342a4344491554a857bcf743c8fbd50c6

    SHA256

    768a942d1cee4aefa648d2eb670b2f794ca7cc08c0b2910fa318cb6cf42cdaa4

    SHA512

    f3866562df7500795a9d07398ba2a3010cb76a92673fda9bdae3f4f48772cdcafd9ac8c4310981ee1d751a653aead9d1bf68ab66c0bedef2abb28bb9b05605b6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    97efab8b8e43285a013be519232de012

    SHA1

    0c738db174cffcb4da6f0ea81e6c01b5eb561700

    SHA256

    08557684137a2db4d2c061887bdedf8636e6cb651be80b183f47f8d2eb725426

    SHA512

    498b59b4c609610d08c39144af6970d31ada1381c0aa8743d0be4ca15b2656ad2adc08fec26b5cf15beeeccfadaa86c7bd9b9dc01521386de6a2978aa70fea71

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e4a673366ad61df324a3a65cb457ef43

    SHA1

    ea2ce57b50c301a56e88f05ce1ee63c2488af178

    SHA256

    022768ca2759f23fa02dafe0556dad4c96aae024895e8e82d88f11bc8ac50e99

    SHA512

    ef7cf50e48b6a22b7557671d60895616fa37e57888058fd48fae8541abf52542f79629ac7df14fb196369469977743441af5613bcbe7c3ab9688024b3e48347c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f9278b942d2442c7e81ab9ff1bdadc9f

    SHA1

    bcb7efd34d91663852bec94fb9a9337e75d004fe

    SHA256

    90bff2b1004fde38557136c3d9cdbc9860da3ae3aec00853adfc7483221e38b7

    SHA512

    1da43c1594ba223367b8f1ad1895418a3f14b9448f1ba239fbe050ebaf37fbedf4dc8b849e68d0f35a6178f5acf56e46676ec57f2135a8776f8cbc55b8af0759

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    bb51efe06f9708598f031cd47d4fa014

    SHA1

    27f888ff9cd0e1edd256f4ce391ed42396e03ddf

    SHA256

    a0a27809ad06f872d9ed312d282ec84a764eacefcc8435a1aecacc2bebe17b0b

    SHA512

    6db6c68c0632aaf8c567ba79cbb175028d712148eb420c24ed2ae980b7cc9981024e12913e251d03c5ca61025201002603b78ab7ba1a977a928ba865b137f45b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    0de5806a5dfd890850e44e41e2b00e18

    SHA1

    78e9a70eab5026772653391a269a539e554b2cda

    SHA256

    73bf331194c1c96c69ac4f7263ee59d4bdc0bf0399ad4b1c393cdbe251f4e605

    SHA512

    2d37e1c46ddeba7e8af5c30f4a951bc78beb055b0ef00645a4c5bfb50d051e38d66840600e03504862343c1fb46a404ddfbe344a65a99ab1af6e59c6bff502b7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a61f30b7348b5b27936cfcfd877c214c

    SHA1

    fea1c790e2f6a2e410b09e9891b07323c78d6a83

    SHA256

    9b33b4a8ebe7d25eec98d19617ea4f781ad88aa31fb56e407859e1aedcd3ee76

    SHA512

    1065f96f81494197349f84169ad16b2744453fa7d3b6f2637bb841ee7ffa85a5c55abb7bc0243628c1d59a92470221321add3f89a968806339e442e7ae7fe264

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab7986.tmp
    Filesize

    61KB

    MD5

    f3441b8572aae8801c04f3060b550443

    SHA1

    4ef0a35436125d6821831ef36c28ffaf196cda15

    SHA256

    6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

    SHA512

    5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar79A9.tmp
    Filesize

    163KB

    MD5

    9441737383d21192400eca82fda910ec

    SHA1

    725e0d606a4fc9ba44aa8ffde65bed15e65367e4

    SHA256

    bc3a6e84e41faeb57e7c21aa3b60c2a64777107009727c5b7c0ed8fe658909e5

    SHA512

    7608dd653a66cd364392a78d4711b48d1707768d36996e4d38871c6843b5714e1d7da4b4cc6db969e6000cfa182bcb74216ef6823d1063f036fc5c3413fb8dcf

    Download Submit