Overview

overview

4

Static

static

4

BINDInstall.exe

windows7-x64

1

BINDInstall.exe

windows10-2004-x64

1

Bv9ARM.ch01.html

windows7-x64

1

Bv9ARM.ch01.html

windows10-2004-x64

1

Bv9ARM.ch02.html

windows7-x64

1

Bv9ARM.ch02.html

windows10-2004-x64

1

Bv9ARM.ch03.html

windows7-x64

1

Bv9ARM.ch03.html

windows10-2004-x64

1

Bv9ARM.ch04.html

windows7-x64

1

Bv9ARM.ch04.html

windows10-2004-x64

1

Bv9ARM.ch05.html

windows7-x64

1

Bv9ARM.ch05.html

windows10-2004-x64

1

Bv9ARM.ch06.html

windows7-x64

1

Bv9ARM.ch06.html

windows10-2004-x64

1

Bv9ARM.ch07.html

windows7-x64

1

Bv9ARM.ch07.html

windows10-2004-x64

1

Bv9ARM.ch08.html

windows7-x64

1

Bv9ARM.ch08.html

windows10-2004-x64

1

Bv9ARM.ch09.html

windows7-x64

1

Bv9ARM.ch09.html

windows10-2004-x64

1

Bv9ARM.ch10.html

windows7-x64

1

Bv9ARM.ch10.html

windows10-2004-x64

1

Bv9ARM.html

windows7-x64

1

Bv9ARM.html

windows10-2004-x64

1

Bv9ARM.pdf

windows7-x64

1

Bv9ARM.pdf

windows10-2004-x64

1

CHANGES.vbs

windows7-x64

1

CHANGES.vbs

windows10-2004-x64

1

README.vbs

windows7-x64

1

README.vbs

windows10-2004-x64

1

bindevt.dll

windows7-x64

1

bindevt.dll

windows10-2004-x64

1

Analysis

  • max time kernel
    134s
  • max time network
    150s
  • platform
    windows7_x64
  • resource
    win7-20231020-en
  • resource tags

    arch:x64arch:x86image:win7-20231020-enlocale:en-usos:windows7-x64system
  • submitted
    07-11-2023 14:22

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Bv9ARM.ch08.html

  • Size

    6KB

  • MD5

    47f34ed40b1f03131b1af0f39aeeaf3b

  • SHA1

    39a719cbe6b5d6de87005ba41a2160a58fd2ca53

  • SHA256

    0760046f501ec9c29d93e028cc239efb537bae4e2274dc6499cd7e55df989c06

  • SHA512

    7806989d286bb518858e0f7192a613907972ce473897982e7e0579877ef5152f1a42c492d01f4001f49fa90d6cfcfe7da6a83f60d62e20882370d0ac4b37c3d4

  • SSDEEP

    96:ZBAvOHe5T4P0VVoIJNaLga+AK3fmeeXRKWY6eKseWtey3NedL3n2AeHgonFPmnFG:ZyvOHmDJNSigVWHNRXFmyGivN80

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\Bv9ARM.ch08.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2268
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2268 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2436

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    909998d8773187fec62793d4258bfba9

    SHA1

    32139921a10930a33da832133599fe4de01cf7d8

    SHA256

    bf3da0e42e83fa7961b5568dd5f643e28d1bfe456a4ba76882064141d19a0261

    SHA512

    8b1ae0d799514da10be5a036aef257fa49e5707b91dec1a2c60953284ccb4bea6356f85a3e1962a391c142cc09ae1104988e9233b75faa3d3eadd7e3576e5861

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    6eccb1720a74be6c66d0b86c80641130

    SHA1

    8c27a2d0abf94ce0eba64b461ab5547cf4686b16

    SHA256

    b7451ee4a273f12e3f4119a412620b1829875df6b16c063cfe304d2c959be51a

    SHA512

    7e54302083f7c21cd870ff618bae5208021740850b9fed93018f0a5a7abf092303fe7e11f45230469b88feeac1f7974a5439e8616f0e8f9dbb426a77f8df129a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    114cb4a6936c5ef8961b780fac9433e2

    SHA1

    fe0f3d3a4f92b48957dd5d4c4076428fb769580c

    SHA256

    e6a66e609b2cac8b3d94433f8b1090330d576ae66ac100b90752e5da0c3b30f2

    SHA512

    54481cc82ef24d98acc2ec2509546db0bf7a6212db9b25925b5692c4703281b55326dd0e3cde8b5831a994533f428c2c9bed1f42a8747c516fb4ff65515bf97b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    0af7538afbfe824f4efbb2c76d192533

    SHA1

    246a67a0e9f28f28c6fa8afdc4935eb0ad4b7cb6

    SHA256

    9aaeeca7c38b9f09b21a9389c7321a9d06d59d76f58aec25a75ea99469d78de8

    SHA512

    668a98b6c5a8a855af0e068f1621cdef9edbd430ec6cdb8cfaa4d0c875ba2194ae06bf6df7b068b39e8bfac329aa6b387a8629d9dea41ad086100d94b98271e1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c15d2610360aece29453166d71622351

    SHA1

    7d86c143a31e7a521623e3b0137587b871ad59d7

    SHA256

    bbc34e40d6cb3a2b884e66473f1e7191bdd3b5f7c0ec58ee12b0def7974a58b9

    SHA512

    42ea4287e435368e18700183fe294e5324a6912caa57a0946b9e3d3743b25c7c031fb6f19169d1e2664527d6af8117f05e892f74d44b6ab1c1ee2bb8a1e69448

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    76e6f11db63847e1d01bd0ab8c5ae7c5

    SHA1

    9140e04642c69a78c98c3ffa87c6f36985aedfa1

    SHA256

    b3348019c2dcf8f0214ebf75382e56d316609b3fe3e63ffff1d38d2c87484adc

    SHA512

    95364433464a23829cfbb08f2945aa574cc2c9336bc0fa0cfd62798c56864bb45377844d8c66dd5f0853f434d980536ba531d1b6b7693e4c18c9543256179cc5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    eadd69567322132f0e3d52a69a3578f2

    SHA1

    58fb7360a40f6ba9e72d81b6836545338b10f477

    SHA256

    f6ac37c21aee35d43b7fbef8756dcba1863786c889f398524e30558b7ed16243

    SHA512

    939a282091faa902fc856dd7bd7314b77e943c43ac87c7d4e717598445a1eb49e563e19e7db69e330046dd3223f159e33961b19cd223d591bd2fc1495ad1a3fe

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d98bd922d3a5510e43e15621f4695884

    SHA1

    f8ee0c8d0b0bd1a51e2b3e194f7699963251e46f

    SHA256

    6a52a711072696f38343b9060da19afd5997848d44862231753c3f8e0d02259f

    SHA512

    41242eefdb5902914da551176a18d997c41bced345260418d08e3e9dcb469c2508f9a97ee5f73609d01b3c8b14046672191531f2f0ebf8edca2d9444a76eb958

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d43a8dca69f7d04a29e4c47bcdc5f29b

    SHA1

    df9354b73cc453e057a2a46b731db19d20596875

    SHA256

    ac9035bed285b56f74e7c6af334d8c82dafc4ba76657169720d04524010e9043

    SHA512

    e5555604077eaf10c12f82fa3a37fd6d6610a0375f9d3c474aef255f29378940a9c837bed91d9c0bb1ef9a86f151dee73120494ff7b63dc8171727594723578f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e802ab615128a54ed403a080cb1705a8

    SHA1

    1a51c2b621792708f844060a32a5bf2c68fb8367

    SHA256

    17e6f7dfadefdade23355d65e74d493632974850c71f32624abe7be364709df6

    SHA512

    cf1d631ba5b9fe3693119c71598f18d1bd9a0bb980b70f3748501fd89cae4025376f43d03be2a85835222614941420e88caf1b7edda53aae8b4af5aa946e4abb

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab936C.tmp
    Filesize

    61KB

    MD5

    f3441b8572aae8801c04f3060b550443

    SHA1

    4ef0a35436125d6821831ef36c28ffaf196cda15

    SHA256

    6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

    SHA512

    5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar940B.tmp
    Filesize

    163KB

    MD5

    9441737383d21192400eca82fda910ec

    SHA1

    725e0d606a4fc9ba44aa8ffde65bed15e65367e4

    SHA256

    bc3a6e84e41faeb57e7c21aa3b60c2a64777107009727c5b7c0ed8fe658909e5

    SHA512

    7608dd653a66cd364392a78d4711b48d1707768d36996e4d38871c6843b5714e1d7da4b4cc6db969e6000cfa182bcb74216ef6823d1063f036fc5c3413fb8dcf

    Download Submit