Overview

overview

4

Static

static

4

BINDInstall.exe

windows7-x64

1

BINDInstall.exe

windows10-2004-x64

1

Bv9ARM.ch01.html

windows7-x64

1

Bv9ARM.ch01.html

windows10-2004-x64

1

Bv9ARM.ch02.html

windows7-x64

1

Bv9ARM.ch02.html

windows10-2004-x64

1

Bv9ARM.ch03.html

windows7-x64

1

Bv9ARM.ch03.html

windows10-2004-x64

1

Bv9ARM.ch04.html

windows7-x64

1

Bv9ARM.ch04.html

windows10-2004-x64

1

Bv9ARM.ch05.html

windows7-x64

1

Bv9ARM.ch05.html

windows10-2004-x64

1

Bv9ARM.ch06.html

windows7-x64

1

Bv9ARM.ch06.html

windows10-2004-x64

1

Bv9ARM.ch07.html

windows7-x64

1

Bv9ARM.ch07.html

windows10-2004-x64

1

Bv9ARM.ch08.html

windows7-x64

1

Bv9ARM.ch08.html

windows10-2004-x64

1

Bv9ARM.ch09.html

windows7-x64

1

Bv9ARM.ch09.html

windows10-2004-x64

1

Bv9ARM.ch10.html

windows7-x64

1

Bv9ARM.ch10.html

windows10-2004-x64

1

Bv9ARM.html

windows7-x64

1

Bv9ARM.html

windows10-2004-x64

1

Bv9ARM.pdf

windows7-x64

1

Bv9ARM.pdf

windows10-2004-x64

1

CHANGES.ps1

windows7-x64

1

CHANGES.ps1

windows10-2004-x64

1

HISTORY.vbs

windows7-x64

1

HISTORY.vbs

windows10-2004-x64

1

arpaname.exe

windows7-x64

arpaname.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    117s
  • max time network
    151s
  • platform
    windows7_x64
  • resource
    win7-20231020-en
  • resource tags

    arch:x64arch:x86image:win7-20231020-enlocale:en-usos:windows7-x64system
  • submitted
    07/11/2023, 14:21

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Bv9ARM.html

  • Size

    25KB

  • MD5

    8b3ba62e69b1d6d24c6668973c59ce42

  • SHA1

    c548d891461d90c575ae36384d7a193460eb0430

  • SHA256

    18d59de214bd9f1d39c19bef27f739844f29bcf9d00f2fb9843c09768d8e9580

  • SHA512

    2d8999aae7a5ed37e3a4c003288351ed93472d2328fca1058528a2d9f6520065befaf685e013c9284b8e2632c1c438ab935c05c36243443f84b34af0f3faf6e6

  • SSDEEP

    192:OyvOHNepNSpKp6TDIpctwjhGr3FPWdXxkeZdb3dVanSB6XKMWma1eyXDHaHzz0:OyvOt0Yw4DIqttJ6ueZnYyXDHa0

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\Bv9ARM.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2540
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2540 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2812

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b80d6c82d42056ccb1726d91a186c114

    SHA1

    b8560ed956c73d531dc3aa21270d160d6271e6ce

    SHA256

    b7e1a63990b707cea0b1338a34c3300f5a6ac715bccd32c25c98a8db2c521eaa

    SHA512

    f9281c4ef7b58bdcd6335714bd7f9ebd914ab32d88e669bc24f7376867bb07098074dd0f5f2e7e8367ff0e414fc8759f0151ccac23ab0966774a008f3a48a554

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c1eb54b20b3cf1a18559aee66288b9fa

    SHA1

    9e40cbf47f269ed0af0a6d2e67ce1935af2f6bdd

    SHA256

    1b1aa8eea7ff81fdff6cc95a61346588c9bac00f9c7a54ec028683559c8c282b

    SHA512

    38b378b160a6586e69a8a298b3a8305758b2d061e22337421ddd4030cefe989e326ea22bb2af37f957b3fd6718ca6e088c19d3ddf7fcb6282e810db295ed225d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    0427d95f1681ea271598df8c88284d38

    SHA1

    7573824b282f1a3457fcf81cb05bcc37a5e6d0b9

    SHA256

    f7783ad086c993a4057128b75e26dc7c317a129302f0af0d9cf03d6ecf0cc114

    SHA512

    bc2a2ceb2209401135e12f02d93838912ee4174f4206b751d221cb78368344e5df402eb4ea08ef89baa7d7ef8a8264d100ba8ec6c78cd51949220905a893fe11

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    3afd6ea6512844a93349abeb3b56c627

    SHA1

    f9ba6f48c60ae9ea08617fd32ab9e805fbb52ee5

    SHA256

    f595b01097964dea46442748c8a2e72ce6ebcfbc966aac20cc756db364175b8b

    SHA512

    0eecf07fc90fe499c4c37a032ac0c36c909eddac35e8e2dfee9e24e13e04436db908e8aa85468751b00ea73162e57fee9fb7e6296ad92509becf0ab792ba4171

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    285d19ae51b3a6f7b0b1537908acb475

    SHA1

    d4e4beb312d1a1eb9f44fe806d98e8bbdaee589b

    SHA256

    47f831c70357bc2ef823f4249c37112fcfc1a247233b273a23b5a2f2c9b27112

    SHA512

    c3d1464b813ff596136825f83aad73ea22a912bda579012c7251435b416b8c3e3a6b6f597324709387afafac25997a513dd9e9eebe5bbf7365818d98dd45485b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b7b774b867059a50d0113ef40d77e645

    SHA1

    88100d05b09cfbb69910ee4bf203afe06230794c

    SHA256

    75e948df6f042112722fa382fcbda817cf71c922c3ea2bfad2d21d97a7aa197d

    SHA512

    81d45dd54918d941e5650a08e119c4352e1df818820944b4014cb1e78052dc2d87747ddf6ddd4ddc841c90e240c1942b9fd10794a5b83997fa019bc2b968a79e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c88554f5fd8061d0ff567ded96bbb2d0

    SHA1

    53e2b395b06af249c324691bf78c13e0c50b68e8

    SHA256

    4d3d5d0e5c26caeda38b4068aa62fb594bdecf906223116e8c4c474fbaabfdb4

    SHA512

    0e3875366a4726aa4079f6f449e229c9a49cc448e6fd0cb702fc09901e0cfb71ec437b54f5f817ca80327fe7a14355d3f870c473595e8f0deb1b83e85ca8cd7a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    7382561ca792b78836bedf4140668574

    SHA1

    d5b323a632ceebc34126e28642f95657c6c6215d

    SHA256

    b33cc67d9491934c16518b91a0ca7f49e028bf18c7c2db200f28ad27f095d84a

    SHA512

    d7121237990938f4dbb05fba0348694671c07aab8408148ab9db622193ded75d6acb96cfc6a27cb1f5d78b1f1291ba28a70f3b8021147574f39e90ec6ce5609f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    98086af3ae166081e1129e0c459070a3

    SHA1

    4a60abdefeec40efd23cb29423d98b24f2d3cf5c

    SHA256

    0ae99a0e95f77118217ffb43c196957fb1ae160bd6ae96f4ee67bb4d3fed3c86

    SHA512

    886922435a4da6274652a20f7d447bf5b1fdac6038d41e5c1ba389d681c23e19a2b8760a6e116b91c61724eac6bb19f0d6d4e6bb5bd0d81842863edf49c7556f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    8d5beb68160129eb69d6e84e16426abc

    SHA1

    7c0bfc75bed71de46e3f661821b113294babe881

    SHA256

    a4d353c1054810d362b761647b879467ed2c4fa3cd7b7f298f7648f40c9a6004

    SHA512

    293137671a352a5bc836f4cbfaa8ccab3ea9b73f3cadcc1b589be1496f1970237524072781a3ef462c1e5cacc4b5565ad1d26e84c11825468e11dd5bb55a44f4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d8536d9ec7bc78b4b0abf5ba1d45fc65

    SHA1

    de9e7dde5877444b9325f57c5cd66e0840a04bfa

    SHA256

    fe9f2638effd52ad0d19804ef962213a42ba66f7b53f4d87ad8539ed93f52774

    SHA512

    1ef9926c77073b40ce28449fcdb6b67733d273feb84112c7d496393fb7dffc4e7118b4633387a19e1a4206929d14deb4fc162d1ab933de9a5027f26a99ebbd8e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    282b01b86e48cb3ecd829cc893a4c65f

    SHA1

    3b9040475ab04c6afe932996fe1ea7eaeab500ab

    SHA256

    e3fd36fb06136560cb48da8ae275537363f6e88dfb78f578d3ee1c455dc49516

    SHA512

    1e534757e89b3479f42f23542d4c70e76ef9722a8c2f438189c500fd954dc3e398834d895310fcb2ef0eaa8220270d526e51c05bff4f414a80e16e3d440ea326

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    04d84ffd2253b5b6b658657671bc102f

    SHA1

    68c8d5ebbcfcea869cfb74125d804a8f9f93634f

    SHA256

    5cbd6cdf0bbb3b61302ae24c0b81b522c66b43bd166641d584548c4a6aa4abdb

    SHA512

    7d83958d5414d4e6a16bc369f40befd51186638fc5c1cb5a028fab7bdb043d30f448758d642a792f252dbf7413cf5971a1572c92ab057a87ae7303dd9785371e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a035d370d8c872f598c920c018df6568

    SHA1

    9c70d35c99c6ababef0c5ee1ff3fb99bec27d5ae

    SHA256

    352d4ca46e6b25a3aede388323a42b1a87309330e1e0cfcc225c926df5ac70f3

    SHA512

    9b770ad493cc938c6c08fec3434cd2cd5387c53990863d20d544bcdbd731f5780b8ce91b9b6aab7223e94a56299bff566cda1b465408e4845758e6a83261c98d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d6912a434faa589594964da20365d600

    SHA1

    c9145e2f71e9c02c7cc49a76557725ebdb327c05

    SHA256

    3cc63ec5b164436ea63994b105a5cbcc608432b5a5d4b37f7f77170a6a5c4ac0

    SHA512

    308ceeda61f8367af64d884a3c55c2349523dd96e9597181ffae4800f9795a87e8a85587de084581efec73d361eb9ac8e95415dac284231b995c929da12b60a8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    eb50c2bddc3cd8d69265aec5d5c14cb8

    SHA1

    4987f74cb392cdf195b8f9366f70e30bb98503af

    SHA256

    28fae49aed3535ca7b9b6f63185f5b363cceec4d4e4e4af7251109165b81b504

    SHA512

    7beb27bc035890721ed2e56705e1592e69d66948c15efcf013a072acbbe4dc4c1f613c22a3db0ff48394cfc3ad9aaa14068f85d561aca4600719a0e0d8b0c313

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    4e8fc432537aed0c07c0ff4f3ef535a2

    SHA1

    2c6479c4468c13d31b4cb631fb0d1a9d226c77d9

    SHA256

    0f79b727959e0cd2f0715e724da02d8302ec76726254d3e608a7f4fb34d7720d

    SHA512

    0bd1fc3ea35ce33faf41918c904f39f7102fe397abbd392979d139c9cafaccb4e18de1616d4570c8f3136858195a6da8344049e45a9f6db817d35d28dfc31c30

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a0d7d782049fa177788b438f832a953f

    SHA1

    24df6447ab2f7321e3d50ed1ddf0624f425a5801

    SHA256

    b45fce2be65d525d92d10b958f2670d9dd080e96ef3dc39608094e0ed1d54074

    SHA512

    f5039568828839dd39d4c69a5995b3dd215be83eaa6b3f206e35afdc791bf480cf7d5367850c03fa3e821c0d939e63d5a1f9866fa3f7f8ec9db5df72ed2b7b46

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d88c46a015b920d7bf41463b79b18787

    SHA1

    d3a1816a8e82844461ce6a78912b29582cc9aec0

    SHA256

    8338ba469ab67be5a5633ac0f115105810965dc042401a4c599fc72745495d76

    SHA512

    f05cd7c55ca219de48826dbcb6b0de6022ab09b9ad238b21f904494fe1562dd02702304b9caaaa1f8b82746fff785efab7b7f9b1cc9a37dec219cd182eadcf42

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    17d32ea553f66621a3810d3863bc1493

    SHA1

    ccb59847b0e74acfc6cd5a88d369867ca580ffa2

    SHA256

    80932b21ef5c3a30c9d189922ecb6470bfa3f9d0387d26980a1138b203d3878d

    SHA512

    45d573bdb2578ceb049ba573b0094e01905ac3d3810c3d0b8f012405ac7c4876777c8692161fad2c4cc518d0f08584e7109e076a42f433f1a9ad58692dbb801b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f2d448ef5c64e13fd5baab75e51460d1

    SHA1

    060a992485cb528297e22f7869d6213e43606454

    SHA256

    d7597fafc18d6bf776f1e93e1b307085e4e62c891fcf235514332e879098192c

    SHA512

    dea17e268c924187e2eae782c758f11d43484605f19b9e2b9d13dd5de2ac12451255574f0f602fc1277b11d1f749734b9ac4c08c8d327f68ed815d6d0df9a5dc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    63657eb4269f24fed323ecb7869b7e49

    SHA1

    37ecbeeb5cdaf995fff55f03e458b92e15a70fc3

    SHA256

    61d07117fe74afbf2951c6d4ec22a4476c3485417abb8f3d7363e02558848d00

    SHA512

    ed28b6d68cff97fc96c912976dbbbaeb2c716a911368d7d34db540767cb93caa30d02443e34c347f8a005183e31fbf045b5136292c2c8a162d34f2e8e095cde4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c017f0857a07a54da8ce67b9f8168f55

    SHA1

    673a3a40fc20292ad1d2181ff31381f0fa93c773

    SHA256

    06746a4ea80e469e12485c20bdfafd3f64b9675204d5ec05035baff37edb1470

    SHA512

    f178fff7fec5860b1203fb8a375fa3ad042def01937314335b5e1d86303efa132df02d70a2e355d2b05710f32355d10620dc03366038905373354be94b023556

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabEF7F.tmp
    Filesize

    61KB

    MD5

    f3441b8572aae8801c04f3060b550443

    SHA1

    4ef0a35436125d6821831ef36c28ffaf196cda15

    SHA256

    6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

    SHA512

    5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarF06D.tmp
    Filesize

    163KB

    MD5

    9441737383d21192400eca82fda910ec

    SHA1

    725e0d606a4fc9ba44aa8ffde65bed15e65367e4

    SHA256

    bc3a6e84e41faeb57e7c21aa3b60c2a64777107009727c5b7c0ed8fe658909e5

    SHA512

    7608dd653a66cd364392a78d4711b48d1707768d36996e4d38871c6843b5714e1d7da4b4cc6db969e6000cfa182bcb74216ef6823d1063f036fc5c3413fb8dcf

    Download Submit