Overview

overview

4

Static

static

4

BINDInstall.exe

windows7-x64

1

BINDInstall.exe

windows10-2004-x64

1

Bv9ARM.ch01.html

windows7-x64

1

Bv9ARM.ch01.html

windows10-2004-x64

1

Bv9ARM.ch02.html

windows7-x64

1

Bv9ARM.ch02.html

windows10-2004-x64

1

Bv9ARM.ch03.html

windows7-x64

1

Bv9ARM.ch03.html

windows10-2004-x64

1

Bv9ARM.ch04.html

windows7-x64

1

Bv9ARM.ch04.html

windows10-2004-x64

1

Bv9ARM.ch05.html

windows7-x64

1

Bv9ARM.ch05.html

windows10-2004-x64

1

Bv9ARM.ch06.html

windows7-x64

1

Bv9ARM.ch06.html

windows10-2004-x64

1

Bv9ARM.ch07.html

windows7-x64

1

Bv9ARM.ch07.html

windows10-2004-x64

1

Bv9ARM.ch08.html

windows7-x64

1

Bv9ARM.ch08.html

windows10-2004-x64

1

Bv9ARM.ch09.html

windows7-x64

1

Bv9ARM.ch09.html

windows10-2004-x64

1

Bv9ARM.ch10.html

windows7-x64

1

Bv9ARM.ch10.html

windows10-2004-x64

1

Bv9ARM.html

windows7-x64

1

Bv9ARM.html

windows10-2004-x64

1

Bv9ARM.pdf

windows7-x64

1

Bv9ARM.pdf

windows10-2004-x64

1

CHANGES.ps1

windows7-x64

1

CHANGES.ps1

windows10-2004-x64

1

HISTORY.vbs

windows7-x64

1

HISTORY.vbs

windows10-2004-x64

1

arpaname.exe

windows7-x64

arpaname.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    134s
  • max time network
    133s
  • platform
    windows7_x64
  • resource
    win7-20231023-en
  • resource tags

    arch:x64arch:x86image:win7-20231023-enlocale:en-usos:windows7-x64system
  • submitted
    07-11-2023 14:21

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Bv9ARM.ch10.html

  • Size

    7KB

  • MD5

    769c91f56ca89899593c99aca78139d1

  • SHA1

    a830eb92237259057d7dfe39037e07dce3ffebd4

  • SHA256

    3c7cbb953888d5f59d4dbf14a4c7c3675c19033da335bb59d692a05cdbbbc56d

  • SHA512

    5c7edbd1fb7100577f0bd64c95b830760e73ab4d61afd89561bec4594bca8f5ad5166fded24a79ca576dae607d75d4f17a8365dfb9c9e49eeed92438b7070da1

  • SSDEEP

    96:OBAvOHe5T50VV2yNaLgAAKyfdyt7IxNKgegYI7XJ4zJa1JUC/byFyT1D+qmWzrz4:OyvOH5OyNS28tWma1eyXDHaHPTy0

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\Bv9ARM.ch10.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2732
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2732 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2800

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f378cbd5bea1ea14aafdd504c746309c

    SHA1

    3eae7e7cdcb217c23b38cd12f67424b869b4a36b

    SHA256

    23658b77d484d8ecbc962d604aebe1a3124720925ccf0200632974fc68255136

    SHA512

    7def5556b7e09f2816e2a11816a14a25deb1d7e7e7a267d2cb781d5f44c4acd9d555b2c52b316df77d8533428afd360872dcc3e9644558b798db21f725e5f4b8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e753e8390544ce9a3b35660268203437

    SHA1

    6f01a512ff10562443b9976612c8b3bbf4705ab1

    SHA256

    1003a98d73d839abdf1ed8d59b8b00e2bbda052d092d9b43bf016fb1b87222e3

    SHA512

    5288c404c956bcfb1aa15be8829550122e96011d9b9d48b8431a4560959d99cd06d7a175701ab28a8ec34c1e980a22ae10c94060293952dba07ae52029b667b5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f60856099db4352c11fe868341e6b5d7

    SHA1

    8ce64b1448d7d214dbc8208da869e0bc61c78c1b

    SHA256

    740fb9cd89ab4297bf54df765b6560c45238aa471e0ad3a41f97d9cb08b05b22

    SHA512

    2a1366da10514a5fb2f223a5427352b805a87f04972839397e29f47a27cce48febfe76ff0f37157d728f7c1a9b77e89546647ea4dff226572444cb91b3ddc180

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    3ebe3caf868d7245f597197e80ac09d8

    SHA1

    1ddf7e1f9d3b3038f53a3fbba6b9eca7043e235f

    SHA256

    187a0da304fd5e00815b86d8d03d0ff3e491cbda9afff12f9b0cea12b8b706e8

    SHA512

    9703c89f22840c3144dfb7ade46625ee47e862a68ad74b06bf9ac93712cd30a06817d896b5a6a9f6308e1ab29857e87bbbc750ccb2dbffc5786bb9665cc5d688

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    abd361d8570d4c821a0a262cccaaab5e

    SHA1

    738837c24ecaef77823d088c71036eb957d5b354

    SHA256

    db253bf806d4863e0ead3747f35d227a67c02586a0ef4425eb99b354012525e5

    SHA512

    e5abe97b46bfd1132a933c0939a81b8e682f70104e18dffeac825f563905c07f71107679af805467aa624fe8626c76358ccf3de1ec0d8d38ccc66ccd557b9c48

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    9b90ffc3ce46952a8becfb857c2b47a0

    SHA1

    5ac8ec2bafd3a2362527b43bad302fd8be4427f6

    SHA256

    ee3fe66def4097abac4f6aca119d0bbfe148a49372f8c5fda4f208b026c62b9a

    SHA512

    796f0d54d9e291e614c5c67a4d1ad910313470589007097c84b42d659d75e31bb84cc63020d6f81cbb86b9e83bc488e2c4a48ef0a58cf1132381feb3d52c4720

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    fa05e5f31b944b736bba880564ecaa94

    SHA1

    ca32ad40eb691e5c8a7df7dd21adfa07b8796f9f

    SHA256

    f962ad734e86d663cd1192805f963191798c89c758ac52a1094476c602e3d916

    SHA512

    b9489f3b2eb0f8c790697ba4595e80b40f290c69184bad5c159c4ac642c8d8d8dbdd817ea8075936bd3f521fefaf0e1d9e7123575b7ea2ec16409706893a3b35

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    fbfa471b21a2eededdf765f5fdaa557d

    SHA1

    6c31d590535c34afdc69347c2fcca7fae76c3301

    SHA256

    b5092d30d5e851146b4b8719df9c4a68ad511588a0f8239e88fe22b33f9a9ecc

    SHA512

    592516f36341a74dc5e6daf78ca0ad0540d1a201e569adb5147c9fc3d00edc00b509a29cc58892d95c7ad7d495184d4900818f0a2b3d71352e0d9c1ca3a789c1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    627d02f49e8ffd9e5e61a0196a595d03

    SHA1

    331ea1a589a60d120a3081dccc9dc5175620ee99

    SHA256

    ef42a8d535b0f5958a29cb9ecfe3d0050a134f0e9db7f88398f2c654be9d9c0d

    SHA512

    cd3f219f117b8d5cf58b8c29bd0a030c687626a4b7b46453a528c222077e62af8308c8138dbecab96aa6f5e562bf6b1a037dfffbb3dd5e1da6363308b9f43abc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    0b89df70855130862df694cec1ed44ec

    SHA1

    eeea0e2d3053de084b684b150123282b62d65118

    SHA256

    afe60dd3fac25646b42190fdd253280acde673695635e3d5d19db487ff270924

    SHA512

    4a88b81c2734e4de5d250f4ec272d9b4110894c9da45302638d00aa588a977d227fb21a7256c44a44d566eeecda8682e75a95eef215aa48eadcef3cd0b197be7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ff1b8df448752bc9b072d3a986528e11

    SHA1

    ed4410f8494256d20f936621108a434b24fc576e

    SHA256

    82ad3bbf34dec2472e357b9995db5dadb299ac2fcf05b02753f2d9c06dc9c484

    SHA512

    28b2d5d846280aed93e5b24e067578bc2ff91650fdb9110aad66f685755eef5fa7218b76f4bdfc63a19180e6c57db9b0cfb92f65704e95befc063ddb86ce283f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a3d5140b78facd786a04f2088acbe8e7

    SHA1

    9672d7bfdbf62b8ffe6fa4e0feadc8376314fee3

    SHA256

    c6783a683a8a3c615382c617d7b8337cc455ec1bd4ce2573724a6c0f2d0d6b5a

    SHA512

    239065f2d6441983f6536090939b14b10cb2fdc850ae4bfdc90e27a64ce2815fd734c6adb9a839e4c895fba40a9f54173819836ef23050fd488ebe7540f96d33

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    2057a3785a0cdd7f89831b91d8ed75dd

    SHA1

    2b992fbaf5aea0461ed575e167511b15bdd6394f

    SHA256

    a335c79b580d7a5d7c52d198f8a221298f7d6c677e4b2fd28ff586f59c21ecd0

    SHA512

    c3959888c837e1bd0fa2fc760efbc747e85342904565886fb3ba99d12abb4b3386ae1facaa4dd4255fcded5a4d51682c5004faab6fab051fff30ccdd27492f2f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    9717fc01dcfaf450a940f28db64d9e0e

    SHA1

    11560fb9d9e500d02bc5a283e2079ded5582efdc

    SHA256

    0f69b35108d8581d786ccac8ecc271f3818c50075b6145b654b83438281d764a

    SHA512

    e80d5e7803518820e546b2b7b3f428561944090355198c3160d31cb17f6c21daf4fdc47b145c1b103288649170397b822b3c3f210a62e0f17b60fb1d35b60850

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    79e4d26672c3ef2f60bdb582d3f92997

    SHA1

    a3d4c11159a02a34b92e49ddaf354dc064b8e889

    SHA256

    0524b2b213e95edabd86576020b465c4559ae8ba8b27ea8780d1052937a947a8

    SHA512

    80efa03db6d3939c3477bdaf132de7cebb679075c13b45cc5edeee8e2069dfdf8b3a94a9be0f61a45d12bd3a4bc726f1dee7a4602ec356df6fd747f26c2124dc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    76f58cf2000dfe82b47412f11ca66c93

    SHA1

    8f5f4fef00caa5da4d963f6e88942c618ad3c1bd

    SHA256

    b076dde3c0a9a8b5d5ded0383ecdbbca7c3069cb641f1643c6a0c4afcc0196b2

    SHA512

    422bfe6902ddcf91e7a1fe7d37efc8a336294070fcbd40a7d9f00193072dc8fc18a7aab60de3e2547dc4aad0ae00b3ad1938342989773e1b67fbf50eb06cacea

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1e89db58fdfe1352983a3dfc310dc665

    SHA1

    786cee53da036dc09514b2864357d9e0ec61a9dd

    SHA256

    5197216fc1f8f5f9887363c021296fe8554eb91c796a9c498d8e814c5f2f848c

    SHA512

    eb0a4fc7f7a35e248ba94443ee6b81342227372a811a4c11111008d6a1f67739c4aa79e6f92aed5e4435356a82d0b89a90550ec14b78546f89ee884f6f9b0ac0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    3a44acba0fea7f847ad85e05226fe7d7

    SHA1

    154fa27026b4faea7433d9d823914a06fa972e7f

    SHA256

    1951b43c610149d34c827b725bdc74eb4cc2049be9166d80b93dfd5f037d2f42

    SHA512

    38a20a60f45f80c0dc5dfd2ce86d8fd0d4e23cd2872e245568cf41c0374610ee13f36d5fc412954ddf8b1a30db4392417323c004b72550222bf5b934e97c8fc7

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabB001.tmp
    Filesize

    61KB

    MD5

    f3441b8572aae8801c04f3060b550443

    SHA1

    4ef0a35436125d6821831ef36c28ffaf196cda15

    SHA256

    6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

    SHA512

    5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarB071.tmp
    Filesize

    163KB

    MD5

    9441737383d21192400eca82fda910ec

    SHA1

    725e0d606a4fc9ba44aa8ffde65bed15e65367e4

    SHA256

    bc3a6e84e41faeb57e7c21aa3b60c2a64777107009727c5b7c0ed8fe658909e5

    SHA512

    7608dd653a66cd364392a78d4711b48d1707768d36996e4d38871c6843b5714e1d7da4b4cc6db969e6000cfa182bcb74216ef6823d1063f036fc5c3413fb8dcf

    Download Submit