Overview

overview

4

Static

static

4

BINDInstall.exe

windows7-x64

1

BINDInstall.exe

windows10-2004-x64

1

Bv9ARM.ch01.html

windows7-x64

1

Bv9ARM.ch01.html

windows10-2004-x64

1

Bv9ARM.ch02.html

windows7-x64

1

Bv9ARM.ch02.html

windows10-2004-x64

1

Bv9ARM.ch03.html

windows7-x64

1

Bv9ARM.ch03.html

windows10-2004-x64

1

Bv9ARM.ch04.html

windows7-x64

1

Bv9ARM.ch04.html

windows10-2004-x64

1

Bv9ARM.ch05.html

windows7-x64

1

Bv9ARM.ch05.html

windows10-2004-x64

1

Bv9ARM.ch06.html

windows7-x64

1

Bv9ARM.ch06.html

windows10-2004-x64

1

Bv9ARM.ch07.html

windows7-x64

1

Bv9ARM.ch07.html

windows10-2004-x64

1

Bv9ARM.ch08.html

windows7-x64

1

Bv9ARM.ch08.html

windows10-2004-x64

1

Bv9ARM.ch09.html

windows7-x64

1

Bv9ARM.ch09.html

windows10-2004-x64

1

Bv9ARM.ch10.html

windows7-x64

1

Bv9ARM.ch10.html

windows10-2004-x64

1

Bv9ARM.ch11.html

windows7-x64

1

Bv9ARM.ch11.html

windows10-2004-x64

1

Bv9ARM.ch12.html

windows7-x64

1

Bv9ARM.ch12.html

windows10-2004-x64

1

Bv9ARM.ch13.html

windows7-x64

1

Bv9ARM.ch13.html

windows10-2004-x64

1

Bv9ARM.html

windows7-x64

1

Bv9ARM.html

windows10-2004-x64

1

Bv9ARM.pdf

windows7-x64

1

Bv9ARM.pdf

windows10-2004-x64

1

Analysis

  • max time kernel
    156s
  • max time network
    171s
  • platform
    windows7_x64
  • resource
    win7-20231020-en
  • resource tags

    arch:x64arch:x86image:win7-20231020-enlocale:en-usos:windows7-x64system
  • submitted
    07-11-2023 14:17

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Bv9ARM.ch12.html

  • Size

    21KB

  • MD5

    2b52380dfc6c189d23d36a4095af38f8

  • SHA1

    0286a221a72d31abac4b2cc4a38f66c98fc84a2c

  • SHA256

    49345afb143a993889bd5ad24d4a053caca845114f5cd9d63da8fc6d3cbe7ffb

  • SHA512

    36805b461063a8ad2f8c3c5eaa0bbd9f2561fbe6e5206461f265b5309eaa3fbd70b20e4467f59f931cf8a66f55004eb6aed5bd20aea9e71cc98cbd7acc2b5fb3

  • SSDEEP

    384:nyvOPyYisMahWoDWBf7EQ/bKcP5OcqTghQdvVfsSA+wUMgsXkRQaV:n0O5MSW+WBfBpkcqTeQdvpsSxMgsXkR/

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\Bv9ARM.ch12.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2500
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2500 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2804

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d3f77af7df76ac145f28f4dcc52cf07e

    SHA1

    dd7ddb373cb7f74b8dd3fef2ddd9cea044f8d8b9

    SHA256

    d355930bb7942553d9c3641bc33970fee0e3eda7a65cd9db10660cf6e6491f04

    SHA512

    8840347147130bd0a43b582e7aead1fd7fd7298c08fd613dddef8b9bcba033c8f6dd161fe0d46d3bb9a46338479db1805a877fee42c6a9f1986eb8b01a50637a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d7fa6d3c41abfffbc8acf4c5c0c67cf3

    SHA1

    9e45ac4456cf816668c46c3ccb41389f14d327cb

    SHA256

    324df3badbb2513257048820cd93190ccf711a2d7e358b0c9583afe490970552

    SHA512

    b4434470c0c1e13489f34029f5eac5fab3596669b0d24bbc22b83c64e15d1df9939f93a1f4566f23d2a7fde0db63d5caefba3c87cf69b43d58780d0e7da5aef9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b8c3e9f1a9b73f4c201af233470a5c53

    SHA1

    6af9a4fbe8377089d71f61ddb17cc4746c5d4d4a

    SHA256

    9f5611025f63cd347230b46b05aa8a3e4a0ac49b104a731a214d69fa643730ff

    SHA512

    ded1c8c928767132f052a953927c3e2909188d4f3c75d76adc1e756720a21a8e6ec511e9f41c0e36fd55f56d54d644464dd819e2871855fb88964c7194a28537

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b26326c2ff1c6adfffd349f6618792a3

    SHA1

    9e15048984363e330add491659aa0ca0d1ec623a

    SHA256

    8f8a92657172268ce5e8c4e3f4681f593843b99ce7d5eee7d256c0aaee5fd804

    SHA512

    c6151826817cb4dd34176db6a0435c238fcad6b65aa374a682ff2e382552c705725d4b3b29abbddef92ae609d6af9516e5715e480ae3e685b2f73b2be3e87048

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    8d8350e45266110f2ffddc3c1696cd51

    SHA1

    1a63fd5aa48242aa1695e0520a3d032e4b377563

    SHA256

    709063af62d291aeda6865e3c579daec4a94386f00b53bc73ded9035b2e223b6

    SHA512

    15d9d4d53c4bc6c64f933bfa8e9ee674226d88bed3bc27f8a60c9a7db844ae939c5d9cbfa2d21956d30e3884ad31c4f5cfcb6682478d8abd1b19d50c8402b042

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    234fe3c387f6cf4fedc348479eb087c2

    SHA1

    7901f6ab9b6f5ffed8229d1caa8fcb336b309b0b

    SHA256

    34d81196cda9e336bddb6ab56686a6908648272929a7254c003e0b0f47a335e6

    SHA512

    5a672d225d63805b11d24b7cf69f8a8f65393456dc6f1dff424dc1c5e02a19b11c90c9020a7f582e9c47c123e7a3086ec555660f9bc1d58ea3521d6725ee5837

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    daa8ccb685bcfa831fd267bc67e08931

    SHA1

    07c8e3ea8df9fdd397ffbe04838bc791aec3afaf

    SHA256

    6e9179d64e3e3f13b575b03624bce641ee791d2bb3871b18086d9f37b9372ae1

    SHA512

    a59748363c1de5c1032a05abceae4f77c82338d8bce157012ee0b06388a4d585ddebae4ba39ab135b3024f45936b19a355104d4e4de67a7207c9bf77545be5d4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    0de0cef16b69e111b6cd373e13cdaf93

    SHA1

    fbabeca743b00b71c9e6847ca0be05ada55512dc

    SHA256

    73b605616dc24f647a7d18bb20062837495e679c08b4e4a94b21d1565c1a7648

    SHA512

    a05261b1ccde05246d78143d0c751aae9cbffaca240ea7c5518a2a3a411e964d64e4398ed99c1f5c34fc08f30160ad063f8ce8193b7a117281f8f65a198803ed

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d4fbcea55b0110c5a5f3ffc64a0ca9e8

    SHA1

    d4a54085e525a74d0f3be09c62260192a02cb8d5

    SHA256

    9b66ecd8fab63d6e7136cc6a0bfd4a60d7a05b5be7192587377eb7a14fd9b697

    SHA512

    2a4065f3eb2ca1ffea802691a82de72dcaaf9ad5017c10f6971517703f7023836acac2047e310539023796eacc42d29044456a3683cd3d5fedd800c368f1c284

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    0635e6aba38268d00b823b080c4876e3

    SHA1

    47e722d22689ec9d06f38028459f5f798ce3ccb5

    SHA256

    6be8062e933df6d77009f23e2fb3587e9d9caa50c76adb8b050bd2f02e755925

    SHA512

    a0afd40917dad9b57ddb4f5287cfa122c590105a5d240c136d4c047df3a58dd86add28c03ae43ecadad8dc6e67f0625ef3bc52f70bfcd491f249ed750240dacd

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabC24.tmp
    Filesize

    61KB

    MD5

    f3441b8572aae8801c04f3060b550443

    SHA1

    4ef0a35436125d6821831ef36c28ffaf196cda15

    SHA256

    6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

    SHA512

    5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarCB4.tmp
    Filesize

    163KB

    MD5

    9441737383d21192400eca82fda910ec

    SHA1

    725e0d606a4fc9ba44aa8ffde65bed15e65367e4

    SHA256

    bc3a6e84e41faeb57e7c21aa3b60c2a64777107009727c5b7c0ed8fe658909e5

    SHA512

    7608dd653a66cd364392a78d4711b48d1707768d36996e4d38871c6843b5714e1d7da4b4cc6db969e6000cfa182bcb74216ef6823d1063f036fc5c3413fb8dcf

    Download Submit