Overview

overview

4

Static

static

4

BINDInstall.exe

windows7-x64

1

BINDInstall.exe

windows10-2004-x64

1

Bv9ARM.ch01.html

windows7-x64

1

Bv9ARM.ch01.html

windows10-2004-x64

1

Bv9ARM.ch02.html

windows7-x64

1

Bv9ARM.ch02.html

windows10-2004-x64

1

Bv9ARM.ch03.html

windows7-x64

1

Bv9ARM.ch03.html

windows10-2004-x64

1

Bv9ARM.ch04.html

windows7-x64

1

Bv9ARM.ch04.html

windows10-2004-x64

1

Bv9ARM.ch05.html

windows7-x64

1

Bv9ARM.ch05.html

windows10-2004-x64

1

Bv9ARM.ch06.html

windows7-x64

1

Bv9ARM.ch06.html

windows10-2004-x64

1

Bv9ARM.ch07.html

windows7-x64

1

Bv9ARM.ch07.html

windows10-2004-x64

1

Bv9ARM.ch08.html

windows7-x64

1

Bv9ARM.ch08.html

windows10-2004-x64

1

Bv9ARM.ch09.html

windows7-x64

1

Bv9ARM.ch09.html

windows10-2004-x64

1

Bv9ARM.ch10.html

windows7-x64

1

Bv9ARM.ch10.html

windows10-2004-x64

1

Bv9ARM.html

windows7-x64

1

Bv9ARM.html

windows10-2004-x64

1

Bv9ARM.pdf

windows7-x64

1

Bv9ARM.pdf

windows10-2004-x64

1

README.vbs

windows7-x64

1

README.vbs

windows10-2004-x64

1

bindevt.dll

windows7-x64

1

bindevt.dll

windows10-2004-x64

1

dig.exe

windows7-x64

1

dig.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    269s
  • max time network
    299s
  • platform
    windows7_x64
  • resource
    win7-20231023-en
  • resource tags

    arch:x64arch:x86image:win7-20231023-enlocale:en-usos:windows7-x64system
  • submitted
    07/11/2023, 14:19

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Bv9ARM.ch08.html

  • Size

    6KB

  • MD5

    555e6abe2d76f48f66bb73ea9184480b

  • SHA1

    bf01c40e438b0d5529d2aae3629ddffd659259d0

  • SHA256

    fb35209ee67e8ee06a510bcc08ed1cb1c86c7fb6c8e8ad98e7a3b62dede54815

  • SHA512

    c875d05d53a7f4fcd6f7ae955ae39bc544293229ff0d68121b952ccf1b5414f0ca9a366dcc309373330bf7f37b4d8e335ba7af5ebc9120d28c80bb9ca99aa0d8

  • SSDEEP

    96:dAvOHe5ao4P0VVoIJNaLga+AK3fmeeXH5PmX6eveBteRg3NedL3n2AeIgonFPmnE:WvOHFoDJNSigfDNqXFmyGivN80

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\Bv9ARM.ch08.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:3044
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:3044 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:3048

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    4a7492b44ed7a01fd66e4d5582bb717f

    SHA1

    dde4fbd1634f3b22200870243227bc9f7771aaa3

    SHA256

    29ac2582784223e18d763434a82f6345610255c82fff0d3a044322b1eaffb197

    SHA512

    ef00e09e46fbe99bfb0e66f5ce49be6efa04682f2755543b51ab7f5fe1c79451e1d1ab4ac1546aca76d055537d8b31fae9892011a1519f111c14919d8b42332b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a8f5d70ed42027ff92cc56c3dfb46653

    SHA1

    6172cd45de2b453385033d9815b26351ef13f415

    SHA256

    a3fd5be965817701543411a8ae1d5f382a2d1f4f2727dd92aa277501554197b2

    SHA512

    f2bcda274b9375ce4a4e6084bc6c6d6ac505ed248ba5400b73f860caf7553a1bbe38779b3389de1115bf35bfd764b4047a8908b412f28cb0d33985e35302c650

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    2a27caefc891e90b715e6075d611f54c

    SHA1

    c5c5fef7ec906316106e5eb51cf7ca64484b6175

    SHA256

    0cc2d27869ec96fa50ea540fda5390097c9ebe8aefd2b5baac503258ee42aa0d

    SHA512

    84fb6eb862e005d0bef39be564de8f84ba25cb1f1341bd195bab2fa2526c64e68ea5b15187f65d7cbd6dd94fc8819523ad34f0b2ff999ac4585a81cdacca7efe

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    7f4720445b942be24c61d9cb82e67dfb

    SHA1

    58f55026f03bbf4a2c24aab7f3af3679db5e1806

    SHA256

    fc00264339fb104cf018e266502ce3d3523ffa7547cd9bd58c22837efafe6fdf

    SHA512

    b3ce4d8e913b7b19f6039c41c8b9127d55dc9ab0f34d8f2a41ec77a9cd448c27e9e96fc2bf97e9cde0e377b52e1ec975f6c01b11655f2e1c4c10d274072a5981

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    740c467fbba6125aa4c93ca83de1dadd

    SHA1

    5148b2502a4d58c2e98a5c383ae4d3ec1c4cd268

    SHA256

    868fd34c6ced90455cae3407bc40e7b3b55fc76fee170ef6b3157247cce13a5e

    SHA512

    6552843ec45110ff5523deca90a538c4d34686bfbd3919051fef2bbd8e47e58c7a3b86995e4a0c4c9a56923ae360595ad3476518d2f1c079a5bdd994925708da

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e165e326e6928053e3d8227e0256960f

    SHA1

    368cc5b9664b8783fd1d302cc7b5824c2828a50e

    SHA256

    3ee995f7e3aa33384dcb20e80adf5a3512b6f82f9e15b4916047c3309dfe7ff4

    SHA512

    502cbdec84047f341af11844def85726a079a53f9d5aebdf80eacc4cb813de9cda32163030cff1a1ae645241b408470bb5654ebbee30ee94fb695d9d95e2f4a1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    32c29d2b0405c8d0a6d8ef3ab0ffd7c5

    SHA1

    2c1de026742a6f673537d5c5f0753c5bf72a5e57

    SHA256

    a46bb2e740ea510b9f7f9e200c6ad9e4a1f0b5ff6df747c6baf3e00bb59ee25f

    SHA512

    a7a4f73a7817ff836e3690c95acdb21c0782c675cd4198cd5399942d1bfe55b7597d2c1c0267595449539e0db3b2db2940f88e22c8d0356fc89bacd5be87dd95

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    7042352eadf5556b0f928d99d616a952

    SHA1

    6aef9f8b48995716a72c0618c1dd96f6e71baee6

    SHA256

    ecea1b7e565e3aacbd11a4358f65db5ef7fee7efe4acdde36ef52d90fbc3eab9

    SHA512

    2a2b7ad278a7d912320f4cf101f0e68798dbe9c16dc719cb2af8dbaca09eb6803a23349f89fc0bcd6335d71c6c04716c0acf8b774acbc79b7425ec808a57ce27

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    906e16d3f81e44dd21cb8b2d2aea04b1

    SHA1

    828696f73167979304b13f7b3d7cd01d7c9d373b

    SHA256

    5ca44442550eaaf334735ba4b114eff529a1527445038f018287ddb76073626f

    SHA512

    731f3fa5ae88fe9fb04623b2125f2e52a6610e4077da1d382ede01fb1d195f58dcf7cfd3a4f5413c5c4fae6708b9fcecde126972f3d339fdfbca435459165092

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    911b657eea83fad078dbfc98b2d60235

    SHA1

    1d1aa9fa7d319d04dda88718290971805731a0fd

    SHA256

    eddffade2b24887a0895b29b761cee10c6415fbd6689f80406c609e970f2ab1a

    SHA512

    194474894666241ea894951002ab4eac54ed6e18877c3b22b231e1e136f33fa9bd7a0264b005a31e7d820693fc7b48168b1c50f1d4623efe56e35af826a438b6

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab2454.tmp
    Filesize

    61KB

    MD5

    f3441b8572aae8801c04f3060b550443

    SHA1

    4ef0a35436125d6821831ef36c28ffaf196cda15

    SHA256

    6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

    SHA512

    5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar24D5.tmp
    Filesize

    163KB

    MD5

    9441737383d21192400eca82fda910ec

    SHA1

    725e0d606a4fc9ba44aa8ffde65bed15e65367e4

    SHA256

    bc3a6e84e41faeb57e7c21aa3b60c2a64777107009727c5b7c0ed8fe658909e5

    SHA512

    7608dd653a66cd364392a78d4711b48d1707768d36996e4d38871c6843b5714e1d7da4b4cc6db969e6000cfa182bcb74216ef6823d1063f036fc5c3413fb8dcf

    Download Submit