Overview

overview

4

Static

static

4

BINDInstall.exe

windows7-x64

1

BINDInstall.exe

windows10-2004-x64

1

Bv9ARM.ch01.html

windows7-x64

1

Bv9ARM.ch01.html

windows10-2004-x64

1

Bv9ARM.ch02.html

windows7-x64

1

Bv9ARM.ch02.html

windows10-2004-x64

1

Bv9ARM.ch03.html

windows7-x64

1

Bv9ARM.ch03.html

windows10-2004-x64

1

Bv9ARM.ch04.html

windows7-x64

1

Bv9ARM.ch04.html

windows10-2004-x64

1

Bv9ARM.ch05.html

windows7-x64

1

Bv9ARM.ch05.html

windows10-2004-x64

1

Bv9ARM.ch06.html

windows7-x64

1

Bv9ARM.ch06.html

windows10-2004-x64

1

Bv9ARM.ch07.html

windows7-x64

1

Bv9ARM.ch07.html

windows10-2004-x64

1

Bv9ARM.ch08.html

windows7-x64

1

Bv9ARM.ch08.html

windows10-2004-x64

1

Bv9ARM.ch09.html

windows7-x64

1

Bv9ARM.ch09.html

windows10-2004-x64

1

Bv9ARM.ch10.html

windows7-x64

1

Bv9ARM.ch10.html

windows10-2004-x64

1

Bv9ARM.html

windows7-x64

1

Bv9ARM.html

windows10-2004-x64

1

Bv9ARM.pdf

windows7-x64

1

Bv9ARM.pdf

windows10-2004-x64

HISTORY.vbs

windows7-x64

1

HISTORY.vbs

windows10-2004-x64

1

arpaname.exe

windows7-x64

arpaname.exe

windows10-2004-x64

1

bindevt.dll

windows7-x64

1

bindevt.dll

windows10-2004-x64

1

Analysis

  • max time kernel
    117s
  • max time network
    180s
  • platform
    windows7_x64
  • resource
    win7-20231025-en
  • resource tags

    arch:x64arch:x86image:win7-20231025-enlocale:en-usos:windows7-x64system
  • submitted
    07/11/2023, 14:22

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    Bv9ARM.html

  • Size

    25KB

  • MD5

    3da69e9fd8c50f66a24775834a65a45a

  • SHA1

    4b426a34d97015624efd98346a93c0eede026f4c

  • SHA256

    38e9e87f479de9acc94b003b1bf372037e8f6412263adc9c2215c2165eb8ef57

  • SHA512

    4d919004c9e53204a80901e2639cafc1ac9410f8c68074203fd5f400d478e820a78ef7ffaccc9866b3de78e8a0f3cf35a31c35cdf3c9506c07390e10a71d18fc

  • SSDEEP

    192:ZyvOHNepNSpKeT4IpshkjUBrAsSXj5xkeMojb3dYc1SBoUF1Jma1tDHaHzz0:ZyvOt0Yw24I+hwsGQexWhDHa0

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\Bv9ARM.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2392
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2392 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2348

Network

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          4ae9a79e3e77a135a5fc2762bf9ff639

          SHA1

          f10077c64624e14aa159703049270c1a0d3d5b42

          SHA256

          7937f1a0c88968daf54f54002d45f5732f1b777bc32f544253353c0381b1baf7

          SHA512

          fe0469960207a5bfbe8081bd68d25fac370a08053a781af8e1340589bc0454af7577ff3e65da6f9ec06c5b4260934a824cc8e2d51f86b9d87ef2c8f8b741acf0

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          518a8ca86fa92c32f9b13444adc9d30d

          SHA1

          934fd275eda7b544b187aff3d0220dbd8c651a18

          SHA256

          6ccab78d27fa5b187fe1fe838d216175508e4f0c1abc48b83d9651f28fc40692

          SHA512

          9413113f5a7d2c661b01c01435cfb2791bdf32ee4cdc05db91d3f40b73d7a176205938ded4db50cb978adb2595522f4b0e7e271d57a769a21e1bd1fa3a1b566d

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          9505369243f5714214b2de1a72a83329

          SHA1

          98b1c9b12345f505a9e86d47e733fed30d36a242

          SHA256

          3b64686235b2f00f457ad3ca739478f64cd665a1c4f8f4c57970070456f727d3

          SHA512

          d1d9b1c31c0db9f32f0da39af65bce48964d182500ac0e38ee96f988ac40025edb15f03bd711e6f294c967fbea212ccbdf6821295a2fce185a05ce3aa1250f31

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          fa7766e42dde333e3a524b1b19507bb1

          SHA1

          496b3ac720765c04df56057900eec881613426f0

          SHA256

          cab0dc850eba501a478569964daeccf9af2ca37c5510a3854de850cbfb58d5ec

          SHA512

          2b20e42fd1ce7104c5d6e4ccc481b6a8ccf6d3058dc0b36f87239f4bbbc110c3bd75a89564e282a6703c1b30c7c0365431fbb22c66c9b2396d0afa9dc34a830b

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          f8496bc7276940a668815aa86d03b07e

          SHA1

          63e4b2d19cf5c9347ae44120b8fdbafa96e8a95b

          SHA256

          5835c95b3e7f4037aea9d6394c31d18f97b3767365d4f49c1c9df4852e893270

          SHA512

          fb6a300ae858513d0d32698381df3deaf97396c3fa358e3e61e511bfd019deb119aca63a09bff612a000a5d382d4a8038ede2d8aa55f2802d0e8ee0848d570e9

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          b75978a8499988f02c7b8743851e2bbc

          SHA1

          12efc0f6065142e20c8e616c895f3e4954784c06

          SHA256

          3c33cc44823a530089da104236e04267e2e7d633a10a649b1d77c7af51754354

          SHA512

          c433d659eef58baecd4b916310ffb212fc579821087ee7c3827e78abceaebdd1c62224c975800e91c87434458208a2acf18266fc747d1d2e413de4a7228d760d

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          b65a64f9124ab262fb228524934779cb

          SHA1

          1ffc1a7c6878a8dadb1cce688a286749a4387a8c

          SHA256

          15117fe48e07e6c5010c83426ed43efee2c05374bfe637ef1ae8c96aab3aa09f

          SHA512

          ba701e8ae5303f1f6037ccc0d20698c88f030505e5dfd62e2314dd29ec8968f8884b39801a18c9cd521e3ccfb827a204be9d985d9ef124669cc3349029ada3b9

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          4f5e8cdba484993d17c9fe8229610b77

          SHA1

          b247f08e85d3f51750a22bc43644659136d0d215

          SHA256

          439f59bd2bd0d3957ace8e7b9195dd5f6c01b9a6c8573fd41601571929f54e9f

          SHA512

          1070c4de1339e877061ea0636572f42d7043197514530ef5025a329256420b0667f17801e41abb2446f837c2a5c067524a266061227775c8b4db9de038260020

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          32a05feef8f31a87e37c6e2b367d0a82

          SHA1

          886a009e768dd368066900b25c3f873b1f750f01

          SHA256

          841bd8e0e790e4500fcd8891a171567f1373369e29e4a34a7b9f8b34dde7740f

          SHA512

          9204e251985e38ed44b1c762844fc4da7c0dd259bcc8d66bd66f57aff40d421e38273aa7e39548cff2703b2288392dc874a8d0b37023247e4f596f62a8d52cb8

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          060f765a5b9ca2a444b16f7b683e33ef

          SHA1

          162fbeb4423364ad30544ff8c4c26433de09a912

          SHA256

          9de8b3ea109cc91db26b1d76d1326cf92327ed69c9630fcb4e4aa83cf958aabd

          SHA512

          8526ade8185f70f5fa2748c9731e1b07809c9a2eda0d31761001680901c1d15e90f13985cd98bd5915f172c6f38bad770391fc68633a745347ac124c2b61b0c1

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\Cab12A8.tmp
          Filesize

          61KB

          MD5

          f3441b8572aae8801c04f3060b550443

          SHA1

          4ef0a35436125d6821831ef36c28ffaf196cda15

          SHA256

          6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

          SHA512

          5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\Tar131A.tmp
          Filesize

          163KB

          MD5

          9441737383d21192400eca82fda910ec

          SHA1

          725e0d606a4fc9ba44aa8ffde65bed15e65367e4

          SHA256

          bc3a6e84e41faeb57e7c21aa3b60c2a64777107009727c5b7c0ed8fe658909e5

          SHA512

          7608dd653a66cd364392a78d4711b48d1707768d36996e4d38871c6843b5714e1d7da4b4cc6db969e6000cfa182bcb74216ef6823d1063f036fc5c3413fb8dcf

          Download Submit