Overview

overview

4

Static

static

4

BINDInstall.exe

windows7-x64

1

BINDInstall.exe

windows10-2004-x64

1

Bv9ARM.ch01.html

windows7-x64

1

Bv9ARM.ch01.html

windows10-2004-x64

1

Bv9ARM.ch02.html

windows7-x64

1

Bv9ARM.ch02.html

windows10-2004-x64

1

Bv9ARM.ch03.html

windows7-x64

1

Bv9ARM.ch03.html

windows10-2004-x64

1

Bv9ARM.ch04.html

windows7-x64

1

Bv9ARM.ch04.html

windows10-2004-x64

1

Bv9ARM.ch05.html

windows7-x64

1

Bv9ARM.ch05.html

windows10-2004-x64

1

Bv9ARM.ch06.html

windows7-x64

1

Bv9ARM.ch06.html

windows10-2004-x64

1

Bv9ARM.ch07.html

windows7-x64

1

Bv9ARM.ch07.html

windows10-2004-x64

1

Bv9ARM.ch08.html

windows7-x64

1

Bv9ARM.ch08.html

windows10-2004-x64

1

Bv9ARM.ch09.html

windows7-x64

1

Bv9ARM.ch09.html

windows10-2004-x64

1

Bv9ARM.ch10.html

windows7-x64

1

Bv9ARM.ch10.html

windows10-2004-x64

1

Bv9ARM.ch11.html

windows7-x64

1

Bv9ARM.ch11.html

windows10-2004-x64

1

Bv9ARM.ch12.html

windows7-x64

1

Bv9ARM.ch12.html

windows10-2004-x64

1

Bv9ARM.ch13.html

windows7-x64

1

Bv9ARM.ch13.html

windows10-2004-x64

1

Bv9ARM.html

windows7-x64

1

Bv9ARM.html

windows10-2004-x64

1

Bv9ARM.pdf

windows7-x64

1

Bv9ARM.pdf

windows10-2004-x64

1

Analysis

  • max time kernel
    135s
  • max time network
    132s
  • platform
    windows7_x64
  • resource
    win7-20231023-en
  • resource tags

    arch:x64arch:x86image:win7-20231023-enlocale:en-usos:windows7-x64system
  • submitted
    07/11/2023, 14:17

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Bv9ARM.ch01.html

  • Size

    24KB

  • MD5

    7ca7e7c7690ee71a845e778324369776

  • SHA1

    894975c38faa890294c8e3b7c4e7d1f10789be6d

  • SHA256

    29fdac17b51b7dcd3c61e3a7d23528c2abb3909d3e6100bc53cdafe316291642

  • SHA512

    c98b8ecf832a55061d0566991c879c680e9a5037088c49bfa218f7dfe07f601d97db39599224ab99e4cfdb0d41842bca13b33e023e1348f96417e9ab9d0d1d2b

  • SSDEEP

    384:nyvOXFYNQHXnbYrRYLzsnP4Nq3ZJfpl+Ca86gaGpw8FV:n0ODXb0YWZJf6CaWz+M

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\Bv9ARM.ch01.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:3060
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:3060 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2332

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    28b927af5fe33cded12f0005cbd3a835

    SHA1

    203ec8207d1fa721d55f8cf4b139150911f6b9cf

    SHA256

    b593d010d3255ff288b807eb100c0d9a5ab7833418055f8bf0627e9fa1521c35

    SHA512

    fb64eee1ba2143ee47a4b0c9e83f3e9c3e5e40f98afe4540a09e5a5e8d0d2af27160c72bcc33fb2f492c86ef9ad30a42747205d0b2602f33bb9b323358397b55

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    7114b8008362e0b86edef09560c5bee4

    SHA1

    696a7a4a9c195e8903f211d26946f0e165731830

    SHA256

    6e003103265687d9e54ea2ad82e9f2912ba989c284b4ecd86b21650d475393c4

    SHA512

    5deec0b8ac6893600af7c9b0939e127b51e909688dfd7e43b7bcf042fc8c3af9ba63c96fecdbb905fce72383095b5cefe0e78f668716f3b2dcc6f521ccc93337

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    0de460dd65b053ba8ac997aae3131b92

    SHA1

    ed4d7978720e83d9735471c7bc0d85460283799f

    SHA256

    1e54eb5dfc4fca50573c57c2c235d0e0152fbbc18b36371977204ac2982c5aa0

    SHA512

    7f818038aa30da75a15ff4592c9764a84d2721783dc599c6ff9d08845769249d7a74d968391ee991c6e5b13dc7fe12e0d9e5b859a703a1d2a7e140fff498eb96

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f0349982c8ab7a343427573d23c1f9e5

    SHA1

    b5895b34eaecaffd728add04549185a66d0857c8

    SHA256

    46e11e3d0c3bc3941b2e55e9a52981de4f261ca829d6ab4a770113e6468b9acb

    SHA512

    16b08107ee75a7a75a34495faac883a8108e9b5bcd34b1fd1af6a555d1206a4fd922374a0897b622e558e761842ce3df04caf26117def8718e69e99a918606ee

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e640a5f5b408e4f51bb7067ec17961e8

    SHA1

    3f0f04196df985149b84f1ea94a6e37c80d31bf2

    SHA256

    0f40e1b519bf0d766c359133f2c724b34a329bee0b2b1f087fe81d0dfd7f2155

    SHA512

    a7f0aabb94d782792c7b8e5a70edffcd63a14fc28bfa615fd0f8ff039060fa7757bb3334348a89bdc92b2a03e8f0f3b0318b0576926a9724cd1c53d41faeb0f4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f8e2aca56a4d424bb5a86694d530c69c

    SHA1

    4f487e22f2c5fc74268af89f1fbbfce9e9ae5a9f

    SHA256

    f5b1094b11800ce7e372c44f3cd79a4f6a0c07b103b0c2edb7c82e1a63240c74

    SHA512

    9684c1b9195e65bc83d563d69ba61cf82e40f48d756da047690d66f9f8e649275b26c9219a25e39196f6da078ea5b79d23dbb8409dce9598ff90f0a67954e9eb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    8cfdc8f748fe4c1f587481074dfaa01c

    SHA1

    f0f5becf0f20a5777a292b7ba32b3a063e3d4490

    SHA256

    7c83c97af821220e09ae3181dfb464eefdc894ef019ade7ac2331ff09d692700

    SHA512

    842fb8d55bd5e19db346d06d2d9ce291885ecf4705e18ae76be75a69ad70ca82a0c78588f86c98f1e106cf185db41999d5a4f631d46e9067f2f9a5906cb1547d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1fbd4525a695eb4b84792726beff8628

    SHA1

    b327f0943a0e6a99ee8acab9d8b844f9c3e04bab

    SHA256

    f60e269beac519b372e9159e15e570999d29764cd02a2a1b7fc645f968c07b84

    SHA512

    0e7b075ee7e2b55ef00fb8d0030a3fe5a4e4d29402d96ccc99acae069584914b4d8be00fc24c396ea442791e1717df37c85d5f537c2294b6a4385b32a0670605

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1dcc234cf05243e06374ee7a2e877204

    SHA1

    d02ade82bb1543e1bdbf6dba7c3c33dcf410e607

    SHA256

    c9b1c1e2d3ade369b5b0001ce929a796e4dcdcc8c93eebf0c4da04258e331d9e

    SHA512

    6fb90e80a34d0749909cdda1b1c6e8e4a3cf8e8787fab73f866fdee1d0c9018f77ed1e7ec35451b7819cb31ae8c041d1c083b1a383dc700f35b5475052c8d59a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d27357967c940d9ccfb0dd0859d24975

    SHA1

    73d35bb3eb8bec3684c6fcaf3ab7e2c86639bad4

    SHA256

    ae9ba2f313a3f181606d0d1f4fcdde2166ab9c3998286ef21ea89cd311ad97e0

    SHA512

    fc445d376732d72b0b9aa75a6dff87ffce5440d2f53c3e134aa195419044076a66f8668cd7248819df64c9aee5202753c6a8c0112f0fa28577831f801d436ee4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    fd55f08e213e0daf0bd3dbac78d55e9e

    SHA1

    177ff0c2e4cd6eb8e2695a90b218a32dcd464e12

    SHA256

    1efd19a1836d3ee2b50f89822249dfc23a05162cab670f35e248e45b9a2f5d5d

    SHA512

    da4476b290c2d840c677c509c1f195e27a777af572d363bd394357943c64036a238cc75b41325010aeb6461b6a3c707723093e1c94deda42fa5b3b174cdb5070

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    55589cea7279e876162ce1a60ce8236b

    SHA1

    e8aae509495180f3a7b8c53cc527ac42b91681d6

    SHA256

    fd867f176403e433e3e840c9a27bdfeca378900025a3d7dfe9c7ec3b58babb7f

    SHA512

    00ccb8e937f07664aae0b2c8abbab3277a3596b9fa9e8874ae3296869d91876238bf3db72235353ae41f10b324e72e82f028ddd8b6e55caa6453b029cd46c3c9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    067848134a259cd0e99df329c2b9ff24

    SHA1

    09de1e13488df90b8751140a9c96f5f924682455

    SHA256

    c5218c0979192de4dd6fb964c1d533594910bd4eee113caa16a7bfaa05877e35

    SHA512

    d8cffa10bce678fec8e26652d66b39a886e8f6503865663f05159e80f527009ad19a5eb5871391d6ec8d0eecdb128be7b0e1e50b46901bcee4eaee2ffbbad1b3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    cc1b85a1a734d43457afca66224175a2

    SHA1

    e9393c72b945f2dd3320eb68ab788c1a65a5e5f3

    SHA256

    b3bf2dfcc2388e8f25d6a8ac7c398da1ed06985ad7393f18978841f5adca8931

    SHA512

    c31dec4e4a228550f0a78bb0854732a307bef818a6e9895c79a051bcdee0084666f59b968a917fba25c6c0e46d011fc477f42869a7c4b2e7cc6c34a72f57ff9c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a23aed4c3f0be5eb23f52a9d6aca51c1

    SHA1

    d22d09c2ff8f7e083149a22f54a5fffeacc80f0d

    SHA256

    f08a62ab10eac296502837e2314d906521a8f3ee461d8bc3341f78e0b175a494

    SHA512

    c66ba1f0d7165f5f24e89c970b294ecddf8581ead6a139b5a40a057ff900859c41d49f3b0b886b79229ef0bdb2476d8f79af40736fb4dd586e32525b4e75aa00

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab5C75.tmp
    Filesize

    61KB

    MD5

    f3441b8572aae8801c04f3060b550443

    SHA1

    4ef0a35436125d6821831ef36c28ffaf196cda15

    SHA256

    6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

    SHA512

    5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar5D04.tmp
    Filesize

    163KB

    MD5

    9441737383d21192400eca82fda910ec

    SHA1

    725e0d606a4fc9ba44aa8ffde65bed15e65367e4

    SHA256

    bc3a6e84e41faeb57e7c21aa3b60c2a64777107009727c5b7c0ed8fe658909e5

    SHA512

    7608dd653a66cd364392a78d4711b48d1707768d36996e4d38871c6843b5714e1d7da4b4cc6db969e6000cfa182bcb74216ef6823d1063f036fc5c3413fb8dcf

    Download Submit