Overview

overview

4

Static

static

4

BINDInstall.exe

windows7-x64

1

BINDInstall.exe

windows10-2004-x64

1

Bv9ARM.ch01.html

windows7-x64

1

Bv9ARM.ch01.html

windows10-2004-x64

1

Bv9ARM.ch02.html

windows7-x64

1

Bv9ARM.ch02.html

windows10-2004-x64

1

Bv9ARM.ch03.html

windows7-x64

1

Bv9ARM.ch03.html

windows10-2004-x64

1

Bv9ARM.ch04.html

windows7-x64

1

Bv9ARM.ch04.html

windows10-2004-x64

1

Bv9ARM.ch05.html

windows7-x64

1

Bv9ARM.ch05.html

windows10-2004-x64

1

Bv9ARM.ch06.html

windows7-x64

1

Bv9ARM.ch06.html

windows10-2004-x64

1

Bv9ARM.ch07.html

windows7-x64

1

Bv9ARM.ch07.html

windows10-2004-x64

1

Bv9ARM.ch08.html

windows7-x64

1

Bv9ARM.ch08.html

windows10-2004-x64

1

Bv9ARM.ch09.html

windows7-x64

1

Bv9ARM.ch09.html

windows10-2004-x64

1

Bv9ARM.ch10.html

windows7-x64

1

Bv9ARM.ch10.html

windows10-2004-x64

1

Bv9ARM.html

windows7-x64

1

Bv9ARM.html

windows10-2004-x64

1

Bv9ARM.pdf

windows7-x64

1

Bv9ARM.pdf

windows10-2004-x64

HISTORY.vbs

windows7-x64

1

HISTORY.vbs

windows10-2004-x64

1

arpaname.exe

windows7-x64

arpaname.exe

windows10-2004-x64

1

bindevt.dll

windows7-x64

1

bindevt.dll

windows10-2004-x64

1

Analysis

  • max time kernel
    135s
  • max time network
    141s
  • platform
    windows7_x64
  • resource
    win7-20231020-en
  • resource tags

    arch:x64arch:x86image:win7-20231020-enlocale:en-usos:windows7-x64system
  • submitted
    07/11/2023, 14:22

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Bv9ARM.ch03.html

  • Size

    28KB

  • MD5

    70da20dff901f4490e4d0a6dfce0196c

  • SHA1

    a704adcd02bb541a614048a2f9de1c1eb8d966ae

  • SHA256

    3cc2131fd11135490b99105542db108df061454e284613dc510d6714e6c68989

  • SHA512

    097cd024668510d1c23e3123f38c7239e4d9e9aa5262a201b2df0eac659675a9b832d39fbfb447df3d830f504dab4d7bc57aa0b3dd768f6f13de4f2c46382077

  • SSDEEP

    384:ZyvOtdYS65/tRfSzx+IbdjSO7vzpkjLTq7afdbYG7ReERCqOo:Z0O+VtOxtbdjxvijhfdvRCa

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\Bv9ARM.ch03.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2532
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2532 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2260

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    9d5763371bbc67b65805624ec1e72906

    SHA1

    572e66872a717ad1558cc7f8e8776013488ae3c7

    SHA256

    ee71307a07933b0ef65fe7a59634e01bb98a0319b5f86390758a166f1cdf1373

    SHA512

    4f6ff543170af4e0340d22899283175236492b7c80b762245d72361de8e9b08360d3b289e8278b5af1ab8e612ca57e694454e952a53935b8025b055d41e94465

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f10a24e300af56278071278d4558730a

    SHA1

    41fbf1eac0d443ab587a7d66ef92f97300f4aa8c

    SHA256

    f413cf3dd621ffb915b1ca666c9e39ca2ffb21388e7599e9bea5a69bfa9c162b

    SHA512

    e1cb33bf168d15ff8f617ddef9ce2a16e250b48a8ca2ec117545846b66448cdf7e34b695fbe09e123ffec33fc198b0d8259b3d500f16f0af70115c486ddcacde

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    5b6889dabec58855f600fa1440752e23

    SHA1

    52fe42aa98975f76506bdc31c2aed7332bee081a

    SHA256

    e96054f87a3c60e24e8a06a5c51b0b30d14159faa2897a94b1e1cbd7519ca6d5

    SHA512

    fd06d5a5ec49b665a66ea91b151c7d190c9db8504a43cc1e9eb2758c4f417853aef134042d095c19ac29f1116ff26d452840eed17853e765790f3f5d2cc56f81

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1063c6c1510d2f7d63c7e490b6706194

    SHA1

    0fe4b0a4dc2a3917444d557ba7eabe3bfe7ceff4

    SHA256

    3b13cfb94c5449c805c355ba7cb8a795ef3a4859754234981a5a08a72b66ccce

    SHA512

    e62d3bd085057e5c2f41d0dfb0b40ee1d1c8037063bb0ae94307fdb9009f7aec790ec8f864f3b2f4ac0b780fe5e24d8b9effd989bd177cf2c97a5c2a9123090f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    37cc7de284f0b2170f19b31c9c2e1717

    SHA1

    ab6bfd031a8fb29110bcd5ebe555974d6209f792

    SHA256

    5c577ae72475e2c9b3ae6578e51af9850f14521d75842bcea845d3f62cd28203

    SHA512

    5a6d3be5182120f0b0208ae2fdd6c475f20f2d1ad4bf45571de176a2d654e8e7b40e1c8e58a72dd192867d5f86b5f9d305d74eecfffdf2c71993d3ccf28b8529

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    0f792462569e9081813b2aedf69d9fc6

    SHA1

    95ee41ed1aeaa56eff7039175f58ead57efd9005

    SHA256

    3b1532f5e01ade5ab19bcc87443563913ecbe7f46fa83b8a26749641189710c9

    SHA512

    41287bf1225911ab2480214def338561034e453688011fdeb574d23a14bb8bd5487df27ddb80fcb513c99479fd2b31186e80918808bae192893b0297925fae48

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f18cb8cc4bbbbeee9c74dfb2868c3eb5

    SHA1

    e14d4fd81f61a9d4782e7476090ae8d35b756d00

    SHA256

    e584f3e6d790149260f646eddf3908436a8e4b338d3535187fcefd6fc7e3fa06

    SHA512

    c8535a3b4d66e5a7ae8562d42872c32d0da3b912209cd692f37f08a48d1b9733b7ab81698484560b970da4e8ba5abf43c8798b31978b97d878e859c1ffaf4df5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    397ee1db9115adae9e92f254f1d98b26

    SHA1

    1a235b160202b49161a8c865191d392415fb9894

    SHA256

    277c6273998ff2c572bbf1920a20ae9da065e11bf1ea9f48be7aafa12de9163c

    SHA512

    ffeee60336801cee98c8f4dd549d4a0bd470081d410cc6bd54412c0661792a7aff68336bd7deb476a38ce0481d52da3bc4cbb7181d92650c768b3c5463eda138

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    22cd7ccc40a309b83faa44895f98c842

    SHA1

    deaddbc1998816f5b19c349b4545e45ab02f4466

    SHA256

    f83cbfb2e4bea79a48681150d4e16b5257176c17e824e8c84d47579a12349ce2

    SHA512

    70280539b55851d161041f7fb974d720586e9147344f15be3e256f5a4756b29bf31697d142fa77feacf3cb66e929e73db8c0b682ac8faa2253d35cbc24025545

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    013cd2a8843c3252f58f9b0f4fec8500

    SHA1

    8c7102a638cf03b3725839544e6965707d4a2576

    SHA256

    73fee88730e921a101e5f956e9fc21f35e6c281b20ac10d2f671e16dd22ed594

    SHA512

    f7a1a217ea2b276cbba16cd933f47611d955c76e9eb2ee1682e7f225c244237af8cc7381a7a590d71a2123c3bab046f41024476284ef84ff338c369e93f8e019

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    cbd4cda7f1fcb071fdd756898fe4ce22

    SHA1

    a66a062f9ba1f69cc6d8728f823d3f0e1e3a49b8

    SHA256

    7a66f96a22305c70a13cfa929fed380f532238c08542aba5dab7460b51f51d4f

    SHA512

    3bc0edd18785542c0629dca9c4a943008d454587bf54a75d0cdeab81795cbee93c360eceb1fd404794ed7f1df47790bb95a4417370688ac81f73f90b1b67e828

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    663cc93a815704b392cef5f48faeb8f6

    SHA1

    19bf3922232d0e8b0a4924949d06ab9785730d36

    SHA256

    d118c36d1e2fded74be4c930b54dfa5a9fb983235afcad7456acede86d41d924

    SHA512

    7841fed31cca72519adb0f3c093e57c8c1ed3fb09352bbe65a5cb34f8b08feeaf4520e6937d39d909938eb588a17137c0c577ca4b46c6e8152a5d5e979fc550f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    19fd18a9cfc8c5f2ebc98578e7bb6467

    SHA1

    655f31b87cea001f79e2ce6c808404e9e9076356

    SHA256

    3389a13570a081afb3f96b8f606b78689325189593642ee814e0ed9f08c01d66

    SHA512

    45c38257de836216771c734a5263894810b578c17de1dd842cf2398e19c056b4929a14bae64b5cd556459124cd0c885782f659cc1c2c5d8f7a05ff96268acb6f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ca003a6fdc8ab968e158bc0f0ba03962

    SHA1

    2466890bd5bcfbe668341a103d940fd796644cc7

    SHA256

    14723902413593bf816f56ac42b2d2106dc808085e54d08a886345deb3436dae

    SHA512

    8bd34d9291be19f82328556bdd6dbd081434bfbaab35c175e8cb7dcecc93bb1512737e2dbe490390a7f7b9bafc216fd76e9b075fddaef77a0c86b3357ce0d970

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    3b2e54eebd1815cb096ff936654f1c8e

    SHA1

    c74710e98468ae0861afd6144126866f5f500dcd

    SHA256

    2da8c61a7662754987a96f5576959d052b2b6b69048740aa4efb46611e8ec694

    SHA512

    dcc37b675b64822798905df954df96710706813944e75c4a02273a10e89bb5f6a71ba792b5bcbae264e541df552a2dd9fbc6d44729e657c12f740521551ca6c0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    52608de1aede1b64b907a1977711e1f4

    SHA1

    a66a73b28c06ab22030fe60d8323f3b3b03f2888

    SHA256

    509bf0be213a8d292294d6189b97dc08bfe5777d794b57ddfb1620c6490abd1c

    SHA512

    98807b686610f25767e94acb7b68854a617e61c3bd0a35dd3d733f0b1c363e0f47dd1f5f04b6827b32e781d16e03c4a9e8cec3fbf0be19940cbeafcc28f1bcd1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a9dfa44962e6c052c2e89d3c0b55aa6b

    SHA1

    aefa610fcbf884672a336f8ac57bfb715a14bebb

    SHA256

    021d5571aaddea1ecf6cdb36d6a91c1e1112faa7871c16adf65ce2312466d59f

    SHA512

    0ab8585d7f1dbd899c6beaf54676b2c8ba61d261137b84a58a78bea0e08bbb80c7458bdba7c1b58662fa6cc6d5b94b51970fba620411482f22d25e1260e46bed

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab767A.tmp
    Filesize

    61KB

    MD5

    f3441b8572aae8801c04f3060b550443

    SHA1

    4ef0a35436125d6821831ef36c28ffaf196cda15

    SHA256

    6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

    SHA512

    5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar770A.tmp
    Filesize

    163KB

    MD5

    9441737383d21192400eca82fda910ec

    SHA1

    725e0d606a4fc9ba44aa8ffde65bed15e65367e4

    SHA256

    bc3a6e84e41faeb57e7c21aa3b60c2a64777107009727c5b7c0ed8fe658909e5

    SHA512

    7608dd653a66cd364392a78d4711b48d1707768d36996e4d38871c6843b5714e1d7da4b4cc6db969e6000cfa182bcb74216ef6823d1063f036fc5c3413fb8dcf

    Download Submit