Overview

overview

4

Static

static

4

BINDInstall.exe

windows7-x64

1

BINDInstall.exe

windows10-2004-x64

1

Bv9ARM.ch01.html

windows7-x64

1

Bv9ARM.ch01.html

windows10-2004-x64

1

Bv9ARM.ch02.html

windows7-x64

1

Bv9ARM.ch02.html

windows10-2004-x64

1

Bv9ARM.ch03.html

windows7-x64

1

Bv9ARM.ch03.html

windows10-2004-x64

1

Bv9ARM.ch04.html

windows7-x64

1

Bv9ARM.ch04.html

windows10-2004-x64

1

Bv9ARM.ch05.html

windows7-x64

1

Bv9ARM.ch05.html

windows10-2004-x64

1

Bv9ARM.ch06.html

windows7-x64

1

Bv9ARM.ch06.html

windows10-2004-x64

1

Bv9ARM.ch07.html

windows7-x64

1

Bv9ARM.ch07.html

windows10-2004-x64

1

Bv9ARM.ch08.html

windows7-x64

1

Bv9ARM.ch08.html

windows10-2004-x64

1

Bv9ARM.ch09.html

windows7-x64

1

Bv9ARM.ch09.html

windows10-2004-x64

1

Bv9ARM.ch10.html

windows7-x64

1

Bv9ARM.ch10.html

windows10-2004-x64

1

Bv9ARM.html

windows7-x64

1

Bv9ARM.html

windows10-2004-x64

1

Bv9ARM.pdf

windows7-x64

1

Bv9ARM.pdf

windows10-2004-x64

HISTORY.vbs

windows7-x64

1

HISTORY.vbs

windows10-2004-x64

1

arpaname.exe

windows7-x64

arpaname.exe

windows10-2004-x64

1

bindevt.dll

windows7-x64

1

bindevt.dll

windows10-2004-x64

1

Analysis

  • max time kernel
    134s
  • max time network
    133s
  • platform
    windows7_x64
  • resource
    win7-20231023-en
  • resource tags

    arch:x64arch:x86image:win7-20231023-enlocale:en-usos:windows7-x64system
  • submitted
    07/11/2023, 14:22

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Bv9ARM.ch10.html

  • Size

    7KB

  • MD5

    66ec2978e79493da30461aff57030ba6

  • SHA1

    af7520c31d40580d5a56c0c0b59cf40ba1b41f1f

  • SHA256

    c270af1bf807c5db93f6ed12181f6683fd92ce1420db95e0edf727f2ddbf176e

  • SHA512

    c53447b4be024cb9db412a318347a617de2dbd5f766f79d8b7fc8faa94b5a3ebf3527264f248652eb7273f4abe27f6a1cc0dafd9bad1236c721eb915719e80ec

  • SSDEEP

    96:ZBAvOHe5T50VV2yNaLgAAKyfdytiIxN4gYI7XJ4zJa1JUC/byKD+qmWzrzbKpmAF:ZyvOH5OyNS28tJma1tDHaHPTy0

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\Bv9ARM.ch10.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1108
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1108 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2528

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1995afd92ac6861e53089f09e02d5a6a

    SHA1

    029fc77f76cc5e1b48b335b6227c09f7cb7cca07

    SHA256

    464b5473aaeeda96066ca3a7a183067147ef5c8f04b5c2252be5edbee14bb445

    SHA512

    d0f4336d36d87e4c9f86e434eb819d33988dd7e048dc7364cdc371341a4f62938373b9782981c1f9488ef10643ae2536261540c2c45fdd1ce133b06fcb77a4ab

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    def271196d8105fd199de93ab2657cf6

    SHA1

    0aa9d264ab2577a8fd8118c492f354b1d5fa572b

    SHA256

    3f2a90cec6c18963242bfdbf9f11f63efbefc31546e4d6d4fb494d4d6ae80739

    SHA512

    d239369309102082f1d3c2487bfa14b16fa1d5cb1477490f4ee453c8c17a397aad32e8d84524f81cc00868e1ac9f04288ba8b3516132a299c6acb56a3dd112e9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    2e7f81a78ef12d366f86e29b535590aa

    SHA1

    29d8597d905855dd010c6ba33324351eb0f32a2b

    SHA256

    965e230a4e407b062134a8b6ffc81f327beb8b39a0db45b08a03be8388ae2c8e

    SHA512

    a2c06e8ca5a14f5e7fa686aa5455f0d95246c283e9d8c84f6c4bf69819b1627f56218ca03e5b31b2ecd2c4883f49413f76d5bbe65b225cfe7b3b32ecc29823f2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    9b8b194c80b71c23f65e4700703ab798

    SHA1

    f0df0b1029cf5c8b3d10921cd33a50a07525dfe9

    SHA256

    5fe2519112165fcfe4eb7dd9a47c9fe957da70b41fc58a8994e99a599132896e

    SHA512

    f8e353e335fd5666039bc050f2099f0d0d08cd86d43b0704caa8dfd4612b4b2d86f469830ecbc0bef6deee426c2e034f202e2c98a3c6f7416d87126237c865b6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    93dd660cda014c1b3245307a8910a83a

    SHA1

    76e23252ec408bb346ff4b91d3717cbbf19a5d97

    SHA256

    469e1fba461c23f8a0119cef54beb664f59c940c47254eb647e0e41d7dd1b688

    SHA512

    4d8df2082e78a0c805eda2d3e86648b0c0120dc5f421163c1f052a858a1af5363e519ac2372977c249c8ac76a43caa33ee72fe925f2208cc4db3305a27bd5742

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d51b144bab221bde407354d2a37ea485

    SHA1

    e890d7dfaefd6edada0836bc552bdc69c5038138

    SHA256

    7be209d52de688dcbceade68f91276e893be66a3aa23b475f5977befa7f28087

    SHA512

    a8d759bbf8ddb94adb0707f590a7dc06c5d3d4cc5e7e37478dd04ed48785e559aa3de91faa97f82bc7215c2d1774c4946712427f63a4ddf799376d86ff8cf422

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    642359729b572bea4d7576bb194dda4d

    SHA1

    0467d44db02656517538ea00fbd954ee79ac80c8

    SHA256

    e89813a3c3590a345026f2f8028316496c3f989d2dfa41c40760a30940468ca5

    SHA512

    795385087d8eb860f2d6de5abacdf101a13ab85e6c6f16363a0893a7efd1aa9a861242251303f7038c02c7e7214f13feb7ffec4cc834122f88981f1f62523b9e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    241136acb7e41e4017efd5cbd3ff3c40

    SHA1

    d4339f041a7ea0bd620d30738861e4e3d01f1b7f

    SHA256

    2ef142953fb08bf1d533477a65206556af449b3bd63d877b0d2a7253bf7dd618

    SHA512

    a490e7195e5da7adfdf440a067762bed3427853bd626e0b2ce3501f692ee0dfda48f77ceeb4623bd03e8ec9b51dc76997592f1b9f12c31b340ca313d7a1abacc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    219ba8eb3e4923e6a8a819e7b8865498

    SHA1

    e8c000d9a12726ae174f5323125c2254a9bd0811

    SHA256

    90aa5065f26c2a80b28d0d1f266913b5729e7abdd5f4f264b0ff06eacc2b8e88

    SHA512

    91ea495df72aa16f6b37aacba27e3ddc80fbb0d5f59906acec68bd2b6332d3d84f8eeaba1b7e4604a7218286a6ae5e4abf6ccc1d1556b6a530be97b4556f8368

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    682dcd1ae731b0e25f580658b950f822

    SHA1

    39519000eaded4a0d6841c84b8543fbf57c8c09a

    SHA256

    ceda8852bf0209d8e9f48c7fcb37cff1d88427085f14adc916f5daa58f284752

    SHA512

    981e855af9ec16aac2a88fc610ee05674bf36eefc897ed02b5c770345d9b2e33b18c47354eb194e6745eaee98b9b2a135ffdcc6f4f0fa2d0bf2de8106a910f04

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    054b4c50b5086be73ca3ebfaefe2c748

    SHA1

    7ad0ea0637ae86545953ae4d7676d0f036292363

    SHA256

    74a9c9eba934deb1ffe4d5443ae1dfbe9765c515a0b220c563822901d5cda0c7

    SHA512

    a70be778d6b2b832267f4976334b7b64dcf0bba655dd02a5895c0f11a81659501d77996b6df0ee0191b81c83d6db21e0ce31d0a12b49a45d9469b0ed633a9988

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabAD43.tmp
    Filesize

    61KB

    MD5

    f3441b8572aae8801c04f3060b550443

    SHA1

    4ef0a35436125d6821831ef36c28ffaf196cda15

    SHA256

    6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

    SHA512

    5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarAD75.tmp
    Filesize

    163KB

    MD5

    9441737383d21192400eca82fda910ec

    SHA1

    725e0d606a4fc9ba44aa8ffde65bed15e65367e4

    SHA256

    bc3a6e84e41faeb57e7c21aa3b60c2a64777107009727c5b7c0ed8fe658909e5

    SHA512

    7608dd653a66cd364392a78d4711b48d1707768d36996e4d38871c6843b5714e1d7da4b4cc6db969e6000cfa182bcb74216ef6823d1063f036fc5c3413fb8dcf

    Download Submit