Overview

overview

4

Static

static

4

BINDInstall.exe

windows7-x64

1

BINDInstall.exe

windows10-2004-x64

1

Bv9ARM.ch01.html

windows7-x64

1

Bv9ARM.ch01.html

windows10-2004-x64

1

Bv9ARM.ch02.html

windows7-x64

1

Bv9ARM.ch02.html

windows10-2004-x64

1

Bv9ARM.ch03.html

windows7-x64

1

Bv9ARM.ch03.html

windows10-2004-x64

1

Bv9ARM.ch04.html

windows7-x64

1

Bv9ARM.ch04.html

windows10-2004-x64

1

Bv9ARM.ch05.html

windows7-x64

1

Bv9ARM.ch05.html

windows10-2004-x64

1

Bv9ARM.ch06.html

windows7-x64

1

Bv9ARM.ch06.html

windows10-2004-x64

1

Bv9ARM.ch07.html

windows7-x64

1

Bv9ARM.ch07.html

windows10-2004-x64

1

Bv9ARM.ch08.html

windows7-x64

1

Bv9ARM.ch08.html

windows10-2004-x64

1

Bv9ARM.ch09.html

windows7-x64

1

Bv9ARM.ch09.html

windows10-2004-x64

1

Bv9ARM.ch10.html

windows7-x64

1

Bv9ARM.ch10.html

windows10-2004-x64

1

Bv9ARM.html

windows7-x64

1

Bv9ARM.html

windows10-2004-x64

1

Bv9ARM.pdf

windows7-x64

1

Bv9ARM.pdf

windows10-2004-x64

1

CHANGES.ps1

windows7-x64

1

CHANGES.ps1

windows10-2004-x64

1

HISTORY.vbs

windows7-x64

1

HISTORY.vbs

windows10-2004-x64

1

arpaname.exe

windows7-x64

arpaname.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    134s
  • max time network
    145s
  • platform
    windows7_x64
  • resource
    win7-20231020-en
  • resource tags

    arch:x64arch:x86image:win7-20231020-enlocale:en-usos:windows7-x64system
  • submitted
    07-11-2023 14:21

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Bv9ARM.ch09.html

  • Size

    67KB

  • MD5

    01617b6f19d6a3f3d964d9c27fd9fa58

  • SHA1

    3b26f2f463a178ce4fff30ab7650cfda17c47f3d

  • SHA256

    99947660df83c5a719647a69b9702b005953783748d5a1726bd50d4e817e1de6

  • SHA512

    6e6ffbfda6f2a99239b6d216eae9c381a9856383aa666471cc2aa6f5a9155fe5fe69872abfcf862804f115c0a8db99cfa16154784a3d06807ce9e4bf1433d926

  • SSDEEP

    1536:O0OoU5JPiSfPgW+WEcqEIMVSSxMgIXkcZ:O0U5T1/EcqEIMVSSxMgQVZ

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\Bv9ARM.ch09.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:292
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:292 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2720

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    63200981045581384171685b10807942

    SHA1

    0f24525e48098d7cfbcac5eace633b37774f6fe9

    SHA256

    361f2a7c1146561ebe6085d8b7a7f6ef1181b82e832376ae5bf40d7c49568d25

    SHA512

    46fdfc7bd44da35cd33e4d51617102e6b5aa5deeaeaf7fc91cc12d461f14d29ee2413335904169f87d626706911128efc56b5bdb78cc44cc528a01fdfa1ff322

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    bf7b7b07ea003b52d14cbc19be41060f

    SHA1

    8135d5c65a725d3409e9ca42a2a4a55b75f09faa

    SHA256

    50b9289b08d5ee15950158666bf80b9ad13ffbbffc92ad5873d7b52f50d9a23f

    SHA512

    45c708be88cf0c0599296fa13a59ceb556fa3da67603ca480da6471d4ea806bcf75c2d510899d024da4e6c2ab62907f07f2582b68d7c77ab4f58bed60f8c64ba

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    4904b02ea3bea269f58d649622bbb7ad

    SHA1

    31d1ed754fa74068cf44611c2ce03e8231d776f5

    SHA256

    a3e522f43e930ee14a146ffb425b767d878c4424eea33666da8a5fc09d9a05bd

    SHA512

    14e18971bc1fb2cce2b7a1937058cf5279500ed8415d66aea38e54ff62d9abb673804095391f2cd2232cf9809054016a95e54f0fde2d77376ccc0fcf483fe9a2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a2536c14ec4c31abf7759e77e1936759

    SHA1

    674cb5f8dec411e98695424f51291c57dc5c5a87

    SHA256

    e9faeadecd9733ab20d536a261c883174fb3b555fa04260d88019053328961ad

    SHA512

    74808a0bbbfae9db621737d5ad5a89104aa7ff2ba6bc736b7636055960fe7e8f1377393110a83cf063ba3b1bd7e36d55bd312353a63d7d00036743206002a506

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    7a6f32ae30f8ef10348b991ef88b1ee9

    SHA1

    20d081df31661eaecc9c754de1c6d5c8d61ebd08

    SHA256

    37dbed19e3d1aeeea20a3344560f5db65fc6de7fc05b2426427504c2a1455cd6

    SHA512

    f9b509046731796e2c6a1f35b8ae322b6877e36dac255497920268d3a55c27faf6ef9ec9869a6006cc92e56f037084fb6ec5e1b8cc451484f8e09a1c7dafb9ad

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    8fa5bc2265325d83288290ec02470017

    SHA1

    0649a8b5f109c7e55fe9ebb7823bca8e22aee09c

    SHA256

    e08b0d45c42a638f15743404ae2a9d32c98a99d851397462f6207ea510d3820d

    SHA512

    51042a5b3fefca132c1dd1a02edb9c367a89b7d511d3fad953965e85305486b019f69f521e569c6d5e82c7600aee16249860e0fcabbec9e1bb8132db2720df75

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    fa9a511ea128b6e573bcb169a4b25443

    SHA1

    720dcfdb37ab5612d71c9157c97288d078111cd3

    SHA256

    8c06ef9eb45fffe554af4e5ba84bfcec8289e1c3ee9c5a14e16f4981c56e87f9

    SHA512

    7b5adfbb5def8dd441bcb72389b6d3b1e2bed4af0bd482074b4211ccf4548b61ed1de874235d0e7958e2836554dba4debef375e4b3bbfc819c4c84b706624bf7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    9cb5ce5a60a396809b4326d42ad12136

    SHA1

    048c67182648847eb75c567a96c80c28bfcd8dc6

    SHA256

    10dc587e48ab442d178739bcfa4677d8682e660ab14fcc583886b3551b24d746

    SHA512

    94d8b44409b53e94cd8d89fa9f3df8a2b8b6fed048c8db7a26204be8796acb3e19cf096b54e0e05598245a7e4bd051d756d4bd8b449d3ce967785a1d8217d4b3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    8ed9b6804feeb977f844b2d669df0ffe

    SHA1

    95b87e53b0a6e60b726f6e5a5a4f154fc7500c8b

    SHA256

    b88c6b4b0859e9fd59045389dfd748d863de0f8972751a84bbfca157bfc68e29

    SHA512

    3aa2579998b793b5a8cb6b38c2ea8d572045ec46071d09017b783651bf8267a0f5159cf1d546d65cf9ae09411a7541e22def6ee03aa12009b2020cb6f69aa179

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab8789.tmp
    Filesize

    61KB

    MD5

    f3441b8572aae8801c04f3060b550443

    SHA1

    4ef0a35436125d6821831ef36c28ffaf196cda15

    SHA256

    6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

    SHA512

    5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarC24E.tmp
    Filesize

    163KB

    MD5

    9441737383d21192400eca82fda910ec

    SHA1

    725e0d606a4fc9ba44aa8ffde65bed15e65367e4

    SHA256

    bc3a6e84e41faeb57e7c21aa3b60c2a64777107009727c5b7c0ed8fe658909e5

    SHA512

    7608dd653a66cd364392a78d4711b48d1707768d36996e4d38871c6843b5714e1d7da4b4cc6db969e6000cfa182bcb74216ef6823d1063f036fc5c3413fb8dcf

    Download Submit