Overview

overview

4

Static

static

4

BINDInstall.exe

windows7-x64

1

BINDInstall.exe

windows10-2004-x64

1

Bv9ARM.ch01.html

windows7-x64

1

Bv9ARM.ch01.html

windows10-2004-x64

1

Bv9ARM.ch02.html

windows7-x64

1

Bv9ARM.ch02.html

windows10-2004-x64

1

Bv9ARM.ch03.html

windows7-x64

1

Bv9ARM.ch03.html

windows10-2004-x64

1

Bv9ARM.ch04.html

windows7-x64

1

Bv9ARM.ch04.html

windows10-2004-x64

1

Bv9ARM.ch05.html

windows7-x64

1

Bv9ARM.ch05.html

windows10-2004-x64

1

Bv9ARM.ch06.html

windows7-x64

1

Bv9ARM.ch06.html

windows10-2004-x64

1

Bv9ARM.ch07.html

windows7-x64

1

Bv9ARM.ch07.html

windows10-2004-x64

1

Bv9ARM.ch08.html

windows7-x64

1

Bv9ARM.ch08.html

windows10-2004-x64

1

Bv9ARM.ch09.html

windows7-x64

1

Bv9ARM.ch09.html

windows10-2004-x64

1

Bv9ARM.ch10.html

windows7-x64

1

Bv9ARM.ch10.html

windows10-2004-x64

1

Bv9ARM.html

windows7-x64

1

Bv9ARM.html

windows10-2004-x64

1

Bv9ARM.pdf

windows7-x64

1

Bv9ARM.pdf

windows10-2004-x64

1

CHANGES.vbs

windows7-x64

1

CHANGES.vbs

windows10-2004-x64

1

README.vbs

windows7-x64

1

README.vbs

windows10-2004-x64

1

bindevt.dll

windows7-x64

1

bindevt.dll

windows10-2004-x64

1

Analysis

  • max time kernel
    135s
  • max time network
    132s
  • platform
    windows7_x64
  • resource
    win7-20231020-en
  • resource tags

    arch:x64arch:x86image:win7-20231020-enlocale:en-usos:windows7-x64system
  • submitted
    07/11/2023, 14:22

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Bv9ARM.ch09.html

  • Size

    48KB

  • MD5

    d61b1ef443070edcfe4345a894bccfea

  • SHA1

    f5e8ef62534ebcda29a8ec55c7daf06fcc0bca9d

  • SHA256

    91e3e2bcc35a000c16bc54c46a714cd3be466b7941446bdd7d46dc75834371e9

  • SHA512

    4f1c33b76af195bc45ea43d2ec7c14c31b5e133672169a04b4f77848a62d63f4ec1944b8c078395f47ac8fb7e7ccf37bd49171522fa6d9fab6d0422c5020e52a

  • SSDEEP

    384:ZyvOPaYtMKx4U3iK1siN8I35lKDiQjkFRJa8VflHpCQWrrEobjWZ+B3C0+BvPZKR:Z0O+/UH6I3mD2JaQWkvZuCg

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\Bv9ARM.ch09.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2660
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2660 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2132

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    5b853eb5a28bc16c9fb48b8b278e8cc9

    SHA1

    59ff65ab146cfce8b3a54bc7784afded22884826

    SHA256

    e23cfeea9eedb63057c9aa6b0a990c7bed5dbc2d34f58ab1aa3838ce8476379f

    SHA512

    5f97ca8d0d9020357805b19220f3f01345ec5feaa58464e849f887c80c0fee21c8f346774a4552eee3ed2a908e964c8db6873b5443b8825f3076a53541dafc03

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    dbf82851017eef9ab3b09973066f1370

    SHA1

    63c0557bfd482aaef3dbd87c82fefd652024a21c

    SHA256

    6864a210b971b5ccdde5a6d2d39a10dfdb1b0c30846b932fa1ecc7b82b38d457

    SHA512

    891256dfeaeb043d23a38252f4a388063013debd2c31312e05b0bb519d377376a66cfc48f605b62621e1580c96263eefbaf37bf57ecf92deed086976022eeacc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    fe4fa219d1de66ae3f9bdc41ced01d4b

    SHA1

    05657179086b191c161fcf1324a6db550ffb024a

    SHA256

    6ee5580fca2e65e7568fab2a24258dcf4119e7cae104a568cf54ae75205f1c4e

    SHA512

    48ae73f643b2783900dc9991f1d7574dc6aa0faae7fa7304f19ad351d31306b645fd43ee84c55bba7bf6c3bc92e7df828e5be61a98a63900358d3e1493316c23

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    7488d5819553af299bceb6ac56ce9351

    SHA1

    c9dba90b1c28fb9fb518265638237c3babcd085c

    SHA256

    d05bcc8123efbaa73263ec4ea19e5f4f22c92fab08db728da38fc2a66d42be91

    SHA512

    a5614fa0c7ffadf409c5d71a78412bb60af731089a9f5ca15cb33ab119940c9769e8a99948a2d75b3da5109ea09a0d4252f92741d96225e19ec2315289efa360

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    7b328bc6258e247d6cb7faf003a39921

    SHA1

    2aab94feb297ebb83df31fe958ddb9afb17faec9

    SHA256

    e51598e5012f24fbf05729f0fd0bd9ec178722db9fc55ed840e531a671fbe940

    SHA512

    c8cfd3cc98f22d882e457655c109a9e4ab9c67a4ce3ec34306b36c1c5204aa25f072d85a5a60fca1725632bea31fc1b6b7a62b9c157668041311a5483d527f8b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    01c5f08ff838687f665bc308891ff36c

    SHA1

    744dc033d8b0d0a876eafc5db9ed335b72a7cfdf

    SHA256

    df5c0ec9fa0529fbfe80bbf7a6e66737f2f8d3ad119ba4e6b668fedeb044a9cb

    SHA512

    4dd1d60e804c8af4ceebe88d14f0932be0259027cb03b9e5887362267047508cf8628601228955d19517621cb25f1c3ceedf2a62816504fa16d175993faa183a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    fac889dcfffa8775ad2620a595e76511

    SHA1

    f7208086e99f85b660160a84b23ebba60fd9bdc0

    SHA256

    ee349ba20a5cbbacee89c454536c618d1d23d19004e5eb16c663627c64c81c45

    SHA512

    8b4a297c37646d5a313b260135bd50d62b1b2452b8f7bb59a114d5ed51e1b1e3a285a6833343ae5e7b2d68f12ede28f1c816584b7c57270371979da8834671f6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c0048d39798a8318c46a4ac8fea39665

    SHA1

    d4369ab3220e851867161e5330260eb332283acd

    SHA256

    5d60004ce714fc982aacafa1be9590bf64b151a12c3e2ed5551b140aa334dcaa

    SHA512

    83b901a43ba1932ea60cb0fbdcc3a775fdec28c80e5338e0377e65b25f64999f6d1ac5197394f4335d51d3802f7e62981a43a41b795904bdb81499f8eb73df5c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c21c9450c79cc2f3109524648136c215

    SHA1

    c1e3684b134144d1b90df0f179770dd023a306d0

    SHA256

    82f069937132001b0ac57c4320678f0d98bc1efc1394231d45a050530734ca3e

    SHA512

    40e7d689ec6b7d532852b2760b711b9a473195c260c4e3cb17263a3d09c79c0bf0ff40280593fed8d43f5f7cdfe0cdcb5c6f768a97dfc0ab3eb8d8a721f496e2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    0767d0960a4cd43de923dabf6358998f

    SHA1

    2a08bf21940fef7c4662282dd8dd267140a2f760

    SHA256

    33cfaf016ea36263f5853b5234e071776bb95504d13cfd2f81d43aabd3a19fab

    SHA512

    6e8ff046012f863cb1e24b5c827e1e790bfec6a00985648f8265306167dc6d93b4f63387563c769c5a48e93cbad4b7a6b55e37df6df6f0aacdcd73774f5b27d7

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab6C6C.tmp
    Filesize

    61KB

    MD5

    f3441b8572aae8801c04f3060b550443

    SHA1

    4ef0a35436125d6821831ef36c28ffaf196cda15

    SHA256

    6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

    SHA512

    5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar70C3.tmp
    Filesize

    163KB

    MD5

    9441737383d21192400eca82fda910ec

    SHA1

    725e0d606a4fc9ba44aa8ffde65bed15e65367e4

    SHA256

    bc3a6e84e41faeb57e7c21aa3b60c2a64777107009727c5b7c0ed8fe658909e5

    SHA512

    7608dd653a66cd364392a78d4711b48d1707768d36996e4d38871c6843b5714e1d7da4b4cc6db969e6000cfa182bcb74216ef6823d1063f036fc5c3413fb8dcf

    Download Submit