Overview

overview

4

Static

static

4

BINDInstall.exe

windows7-x64

1

BINDInstall.exe

windows10-2004-x64

1

Bv9ARM.ch01.html

windows7-x64

1

Bv9ARM.ch01.html

windows10-2004-x64

1

Bv9ARM.ch02.html

windows7-x64

1

Bv9ARM.ch02.html

windows10-2004-x64

1

Bv9ARM.ch03.html

windows7-x64

1

Bv9ARM.ch03.html

windows10-2004-x64

1

Bv9ARM.ch04.html

windows7-x64

1

Bv9ARM.ch04.html

windows10-2004-x64

1

Bv9ARM.ch05.html

windows7-x64

1

Bv9ARM.ch05.html

windows10-2004-x64

1

Bv9ARM.ch06.html

windows7-x64

1

Bv9ARM.ch06.html

windows10-2004-x64

1

Bv9ARM.ch07.html

windows7-x64

1

Bv9ARM.ch07.html

windows10-2004-x64

1

Bv9ARM.ch08.html

windows7-x64

1

Bv9ARM.ch08.html

windows10-2004-x64

1

Bv9ARM.ch09.html

windows7-x64

1

Bv9ARM.ch09.html

windows10-2004-x64

1

Bv9ARM.ch10.html

windows7-x64

1

Bv9ARM.ch10.html

windows10-2004-x64

1

Bv9ARM.html

windows7-x64

1

Bv9ARM.html

windows10-2004-x64

1

Bv9ARM.pdf

windows7-x64

1

Bv9ARM.pdf

windows10-2004-x64

1

CHANGES.vbs

windows7-x64

1

CHANGES.vbs

windows10-2004-x64

1

HISTORY.vbs

windows7-x64

1

HISTORY.vbs

windows10-2004-x64

1

arpaname.exe

windows7-x64

arpaname.exe

windows10-2004-x64

Analysis

  • max time kernel
    135s
  • max time network
    135s
  • platform
    windows7_x64
  • resource
    win7-20231023-en
  • resource tags

    arch:x64arch:x86image:win7-20231023-enlocale:en-usos:windows7-x64system
  • submitted
    07/11/2023, 14:22

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Bv9ARM.html

  • Size

    24KB

  • MD5

    87a652b81309c31305ec55fd67267f25

  • SHA1

    ec891ce3ea645931f67218b73d4baf552600c9d3

  • SHA256

    60de09fd68fe8fa2a3d7c6cb546d4d8e3fea821d39a0758718b66417f7c23228

  • SHA512

    499f4a39fde52e0461da4586df337e4feecf17489036f355b33874e23e4e8c92ebaa67a47103c7c29ba4bf0f48ca27d98f19b174d91833629566f3bb6df557b8

  • SSDEEP

    192:ZyvOHNepNSpKeT4Ip3hkjUBrA59fQoc26keqdb3d9GG7SB40mFo21tDHaHzz0:ZyvOt0Yw24IRhw5+oeqiQDHa0

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\Bv9ARM.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2736
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2736 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2704

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    7e71535f7837a1010cde991216fd8940

    SHA1

    15742154fe5d11e0d997e853c751eec4077f93d7

    SHA256

    e10f2677097c930d11e660a559c0058a2021301da6c3169bce01d157999f8bc8

    SHA512

    c6627bf293cc5c80ec1e05f38d290a32d9066d8061c3daa3603a5eebb380b8fb1a99f35b425d5f2127e109db05f22efd05d72012b09d5b8ffc0920eb580f8abe

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d720a54b988818bb9282d8587dd8ab4f

    SHA1

    20fdc81c0955bcc7b1fe9f976f5c06aff7fbf3b1

    SHA256

    4d52c263deceed6d2e55adda5785c10ca168f26b672ff008f78ed9edf01c5527

    SHA512

    1675ccfa50f78ab6ae77d54b2ec9492412799b1ec321150245c512e4b36252fcf6db9367fde28b4db30d8e9cd0033fcbca8dd7221454d36437e1c61b45e43343

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c6550500fa168957c980351e37d07652

    SHA1

    854a2609ec28a0fbf819ff4ee298ffe4644d5e48

    SHA256

    93e6b39c8ccab48ce0707ec5fdf7ad015574fa88d992e2f0474d479be4777fff

    SHA512

    b2be569e6a175635dac860d9101f2e29d1ba9b11800c8171e0fbadd1c7b52529828f4eafeeff23e565e5bc5c755312997e507e8a21819510b2e5a5d639778d09

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    fe18dcbfdc9362b05167e7cc208707d4

    SHA1

    ee3c23eee0ca350fba9d24c87727edd050e7912b

    SHA256

    ba906c4869b030034182d4e9ea38509377fe68265cdf4e11890fff9102649386

    SHA512

    172760044b48b6302eedd47bf016127f625715dc78690f10d8111d6c47e913c619b299c76e2effe4c17f319a2dc5d404a76b844fbb0117aaab85eecaf47e2808

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    63996753670ebe88706e0737efbf1bc8

    SHA1

    881e89416e6f2a4c81f9ad60e293c2e4beb0fad9

    SHA256

    c9cb89a17e973f8e1b4efd163710d6b729f68d2d38f9a7d0a5e71b1cdca604ca

    SHA512

    47f8adca84d02811cd2f909d29c37a661b92a3f777f70eac678060b827b271e8da79b9fe81d4fa53dbeae9c51b8759af926b1d746740acdea6e457c05200ad28

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b98f6eab5347a5de02c869d68433150f

    SHA1

    dacae84bdcf5965d0637c42a8771f437e2f4b9dd

    SHA256

    0ae9a76e9a1e804fca1642cd2b26a2cb7167041307f12e05668c647be0eae1fe

    SHA512

    aee6aed0a440d9772e5f3477c4c37d32cf11fd5571f7c8053e4e4f2205f4d43b6acb361562ebf92ea6d1b4d648718b1d750227d1a09339ca82a55f5b51023ef5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1ef80b83b155d253412fcabaf6a3b2be

    SHA1

    3244d946a2248963eb5cf50cf153e76a6fe04bd3

    SHA256

    e87ea61ba50afaac3850b4d0ebf74a77f58bb548a843f67360fd2c7849c9f482

    SHA512

    7fc5398d0e4a622c3838244946c6c8dd5df2754da92cab3191f732df24691acd6abdc9c85bb6d32c04615ec624f43c1b8bf49eb4fc7eaf9b5c1a9e72115f71de

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    41d9de06bfedf50d4605f47baa12699a

    SHA1

    2af20aefad02aaab5acaef5522b3b6fc32745a70

    SHA256

    b4c8643426638469546eb8d31a50fed7d7753e36a0cb5610f8cb1e39f447d6dc

    SHA512

    d3686549b0900bc8a7a63cc8a75b3a7cccc414466b2b87872f36014cdd07eafc8c0e0d155ed40eb660f95668bddade03138457d2af1096282e2a5c955dfebcb2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    cc781228b3f52d35ed405ffaccbf5fca

    SHA1

    683eaab47189b57c75118329a440119b30be89af

    SHA256

    4899e71de6f0291fb62757f510b0b7606e5cf5b3d6cff054a8d24ae88207da4e

    SHA512

    26b409e6a3b89eeb9f3a92ad82f2338defde39b820743d7f16d54d8895dc46015acd61d5f2ff096e3321b4ad4c439909d22e00521c396f565c0ddf877f75bbb6

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabB1A6.tmp
    Filesize

    61KB

    MD5

    f3441b8572aae8801c04f3060b550443

    SHA1

    4ef0a35436125d6821831ef36c28ffaf196cda15

    SHA256

    6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

    SHA512

    5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarB245.tmp
    Filesize

    163KB

    MD5

    9441737383d21192400eca82fda910ec

    SHA1

    725e0d606a4fc9ba44aa8ffde65bed15e65367e4

    SHA256

    bc3a6e84e41faeb57e7c21aa3b60c2a64777107009727c5b7c0ed8fe658909e5

    SHA512

    7608dd653a66cd364392a78d4711b48d1707768d36996e4d38871c6843b5714e1d7da4b4cc6db969e6000cfa182bcb74216ef6823d1063f036fc5c3413fb8dcf

    Download Submit