Overview

overview

4

Static

static

4

BINDInstall.exe

windows7-x64

1

BINDInstall.exe

windows10-2004-x64

1

Bv9ARM.ch01.html

windows7-x64

1

Bv9ARM.ch01.html

windows10-2004-x64

1

Bv9ARM.ch02.html

windows7-x64

1

Bv9ARM.ch02.html

windows10-2004-x64

1

Bv9ARM.ch03.html

windows7-x64

1

Bv9ARM.ch03.html

windows10-2004-x64

1

Bv9ARM.ch04.html

windows7-x64

1

Bv9ARM.ch04.html

windows10-2004-x64

1

Bv9ARM.ch05.html

windows7-x64

1

Bv9ARM.ch05.html

windows10-2004-x64

1

Bv9ARM.ch06.html

windows7-x64

1

Bv9ARM.ch06.html

windows10-2004-x64

1

Bv9ARM.ch07.html

windows7-x64

1

Bv9ARM.ch07.html

windows10-2004-x64

1

Bv9ARM.ch08.html

windows7-x64

1

Bv9ARM.ch08.html

windows10-2004-x64

1

Bv9ARM.ch09.html

windows7-x64

1

Bv9ARM.ch09.html

windows10-2004-x64

1

Bv9ARM.ch10.html

windows7-x64

1

Bv9ARM.ch10.html

windows10-2004-x64

1

Bv9ARM.html

windows7-x64

1

Bv9ARM.html

windows10-2004-x64

1

Bv9ARM.pdf

windows7-x64

1

Bv9ARM.pdf

windows10-2004-x64

1

CHANGES.vbs

windows7-x64

1

CHANGES.vbs

windows10-2004-x64

1

HISTORY.vbs

windows7-x64

1

HISTORY.vbs

windows10-2004-x64

1

arpaname.exe

windows7-x64

arpaname.exe

windows10-2004-x64

Analysis

  • max time kernel
    119s
  • max time network
    153s
  • platform
    windows7_x64
  • resource
    win7-20231020-en
  • resource tags

    arch:x64arch:x86image:win7-20231020-enlocale:en-usos:windows7-x64system
  • submitted
    07/11/2023, 14:22

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Bv9ARM.ch10.html

  • Size

    6KB

  • MD5

    6d9ceb28e80ac4264036b29898ba5fb0

  • SHA1

    f1f4e378fe67d1109ea6cf88e9dd2cf3e41ba8dd

  • SHA256

    4bf8864fa0ae8121097333a21e04f7735a5302f617b1c93027a41cc8362ddff7

  • SHA512

    1c0629c52ff084b6548f3956fd5e347257e20295feaff8281ba52a13f3fd273a33998189f9f4cd5b0c6e15fa6466e24011312e7ff73681c806fbec4d02ccfb6e

  • SSDEEP

    96:ZBAvOHe5T50VV2yNaLgAAKyfdytI4gYI7XJ21JUC/byKD+qmWzrzbKpmAbsdgaw3:ZyvOH5OyNS28to21tDHaHPTy0

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\Bv9ARM.ch10.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1896
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1896 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2308

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c9436287e8b12b9f51001a6aca2307d6

    SHA1

    a7f89e47f042304ba20904cb7ebe5052e4226449

    SHA256

    014e5da34ad2a8c3351de14ce82d1c3bbe343371102814abc7f411ff80f4163f

    SHA512

    545521814a13bf38abb740edef2423850742d1a5d67ab83ca83915132d20a47732747806b1819fcf0d34655eb38f4728b5f3e24f2e52cd58db26022b54681fb3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b4553c0f6b6b1b2b97af40d9607618f4

    SHA1

    feb07c4faa2e11e9614af1af531c48707039ebec

    SHA256

    1864524c4fdaef8fefeead35c6491bdd50712b07080676a4bb8fd4607a947d90

    SHA512

    92dfe1e2f90382481981608f91e3103c848e073dd7754603e78a52e9fc697f5067f619a4d383e5f96916d6a0c50eeb4fb72a21ecb861686a7ca5928bef81f03b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    da0a23e500f95b05ea33a1ce18cfea73

    SHA1

    77a5c713244815d7046b397d4b6b39c033296802

    SHA256

    6b757569438efa6fd7a32d8e436ef13ce05510233048e2b59568a2177750058d

    SHA512

    89ae38037f04fa091c047d510a834ae58de1db906260d8d48ad9f2c1eb93882201195df36fa904ae39a0ee261be588a77766867bb02a2ff98d52e84695c55067

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    33d58f7e0c1eb072c82b8a66f0226588

    SHA1

    70ca9d882d5b4c9e12ebe78ababfed7eede89405

    SHA256

    39fd41f16161eaf1985a08689fb31b8f3bff8e14f1fa9a5c39a753744c1df22b

    SHA512

    5dbb6c51c0ae6ae21233a10424611e7062f8b135e2118cd72a03ea54e0ee98a0e9ee39f09a8cd967961aa47a0e4eb6fb220e3b1e81620ea2348a75d3c6093292

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    9f9a9656a48dc9e3fdfd2b1aaab60418

    SHA1

    3977dfd04fab5c6f29aaa3330b780f4348397f32

    SHA256

    c167cefa2b5c720ce91070b5826cf1150ddca7df41c6edb10b5692b1d7fb6052

    SHA512

    850b032c1ff115adff0077c6a4c44177bd5c74fc1e8f68f8a74a2eda819163ba2ed4c546e7cf5287a33139f3cbdedb5d6085752ec4432ecd052483b6a5ee7ce3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b5948870ca2f5852d9668e94075655fb

    SHA1

    49baef578870acdd18d879c81f8361fd0645a3a0

    SHA256

    88683991d73b78a555a4171e0fac105453893b04c27c6524f9950c916ed47fcd

    SHA512

    fd4cb830610ed8b7f566558e473466246c1389c82f7227cc092556ff8650e54f666ce5dfcb0aeb93d8d3c82b5f59f800219377ea63c5c3841f12d7fa1d174be9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c3aedc6aa96dda6af350fa0eabe6194c

    SHA1

    550b90a90a113bbe80c96a4a9a13ed84e84eb36c

    SHA256

    735c1549431fcb5f0bab6a7e1c3ba8190260616dd8f8bb5121807b6b1736f3e2

    SHA512

    d08d22eba6e87ac98e7ea2f63064a1c3de849b6cd75c8d6e751f62355e21fa2950a10dd476ffa33b50c00cfcb07b7b8b5696406895d14cf43085cb4bbbb01160

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    9ba1c51e38da0458c99071f9a7055460

    SHA1

    96fcc67695dd4dfd8d1b5f08d33dd8a9d492dfbb

    SHA256

    d3c767b9a9be85bea829a188e011856dc4e6fd318c21a2f7ab80ff44997f0205

    SHA512

    fdf9f18ab77fc6cec5390d9feef8a928b355f6c99d58154e80f6416123c3ae7dedf3e02e3a51f10a9204fe0cbf91bc077478fbb4d50ddfa61fbbb850eb23c817

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c7612a4d533938c7035910f8f4b0b6c9

    SHA1

    36eb8ad902fe6572c0ff94e10d415f3b7dea8293

    SHA256

    31d13f889df66f7a60f4e9646a167fb8f7692695b6f4770296da673578f1b253

    SHA512

    035dbd27d1e265d0b637a817e697a92d1e25396a6bcee620cafbb5844abb295c564d063602e21a5d3bda48bad7c703b241adaeb45aed043a79e16ef462b51556

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    8249fd7b1b4ce1da016ac0844fae13be

    SHA1

    52ae7e80c9ae0e7e7db464fc68becb6c7c6f1a20

    SHA256

    bf300d08e1550d1db7f633180c573d53722a73f595cd2308f23f686ffd10a0a0

    SHA512

    52860e53a5703101270f8a7d4fc277ff82a5dcc8922c2d4e8809f8ea48fc90085df755295d9a37a43c60e1ffd3881b674cf9912b512d4ecc92b3aaabe3c5633a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    97aea3b8561b4a7fc6acf0d73113510a

    SHA1

    1e20218f49027624b14946564262181df27d7dc0

    SHA256

    6c090ae30b8670fd080bcad8b654f25403f9634438cb9a5c830f74b7fa2d7e93

    SHA512

    b5273a277829298709ecd0af997c05975dfe3b192c5d4be5cb46b43759e3a124e3227127afc75343deda9b51e0f18637cae79a12ad9a275bf0f45488587279ad

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    7648cca7a4216dd73ade381ad1f7f0e5

    SHA1

    cdb4a4cd14512d3a3ce800e59b108c1e141870ee

    SHA256

    33125bc4bbfa9498ebb66f5913e28abdac611877c1b4f6cb79e8ccb05a0f8579

    SHA512

    afa6a13c2abdfaf524cdfa77788ec54929b30f786ff1b81252070d0ba1ae82183d379a27f3c9292d8cf45176121e0b611d3c2da431e4a73672911d4778b6c354

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    baa81f636e45b9b43cfce1aff44b092f

    SHA1

    2d29f2898b266da94e938c0d9ad0dae7971931cd

    SHA256

    8c82eb7d974015224e9d4c02a254cc6a767c7661e5ef6839139447dacc7a1d8a

    SHA512

    c3360274002d97ef151b46a2f50963f853d54f87c1815826db54acc7cdc0d8954b80ac0a2ee1a0b3b4cc9a0e5d5e8ed0c1e1deb114245cd340346f72245a659f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1445306cd3149781d6efd8abccd802ed

    SHA1

    e5022284ac68a93c6b37d5e317b35a8bfd64f3e3

    SHA256

    484ce07cd6940f72b89cee9945e0af4d7e5ac8c903941285e037851ebf1082aa

    SHA512

    f1df88d30418d3bacfde33e0153c422518bee273ad847c21c10f2b95a6974b3fa96c18ea253c69012582834ea8acb9223e9b190900ea4c2df926e1a2f67066b1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c28210d1dfdd0901393d8ffce46e78cf

    SHA1

    82af8f40f33ea343b772ca401d7b496e748dc292

    SHA256

    d87aea8c0ab5fa688578cd0af22e173dd37a164b1eec30512d9a4da166d8244c

    SHA512

    605c54f4f5f9d68fc1b2a1df85513cff94d43d38e50c7717f486497455e98c593373cb46f16431f511bcccfc7633b2110eae1f98a1000ec6369b469301b86917

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a13190784fc86a5c1dc30afda1d3ac8a

    SHA1

    871dd185088cf34ed838f3b3ee5998dba0233966

    SHA256

    5aaac33c6632aa1bf550ae2ffab23ff24974ddccd12b7cee73dfe5ffd9c100ee

    SHA512

    d1dafbb4176feaff626e363ece012b6c7aed7f7221f1ffcf5588f410410d005191cb4cfc1657b500dc099d914655f580bfc594aeccf4261055c5e09b39d5a608

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    8ffa3f1c8b3233b81cd5e51da71c25cc

    SHA1

    fbbd8e3b39156afda70183cbf4d1f1c623fc0b57

    SHA256

    b4ec4312bc855a539add56a663e8e18777aa8963bb3761d0daef664e9e01e580

    SHA512

    e4fb7d6e875ef3d5ae9c99fb47ef3ef129280277f635e6d08eaede28b75847fd85254a7330a027668923c64567ee74323c5fbd7cce160c8377906ec70f799bb9

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab365F.tmp
    Filesize

    61KB

    MD5

    f3441b8572aae8801c04f3060b550443

    SHA1

    4ef0a35436125d6821831ef36c28ffaf196cda15

    SHA256

    6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

    SHA512

    5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar371D.tmp
    Filesize

    163KB

    MD5

    9441737383d21192400eca82fda910ec

    SHA1

    725e0d606a4fc9ba44aa8ffde65bed15e65367e4

    SHA256

    bc3a6e84e41faeb57e7c21aa3b60c2a64777107009727c5b7c0ed8fe658909e5

    SHA512

    7608dd653a66cd364392a78d4711b48d1707768d36996e4d38871c6843b5714e1d7da4b4cc6db969e6000cfa182bcb74216ef6823d1063f036fc5c3413fb8dcf

    Download Submit