Overview

overview

4

Static

static

4

BINDInstall.exe

windows7-x64

1

BINDInstall.exe

windows10-2004-x64

1

Bv9ARM.ch01.html

windows7-x64

1

Bv9ARM.ch01.html

windows10-2004-x64

1

Bv9ARM.ch02.html

windows7-x64

1

Bv9ARM.ch02.html

windows10-2004-x64

1

Bv9ARM.ch03.html

windows7-x64

1

Bv9ARM.ch03.html

windows10-2004-x64

1

Bv9ARM.ch04.html

windows7-x64

1

Bv9ARM.ch04.html

windows10-2004-x64

1

Bv9ARM.ch05.html

windows7-x64

1

Bv9ARM.ch05.html

windows10-2004-x64

1

Bv9ARM.ch06.html

windows7-x64

1

Bv9ARM.ch06.html

windows10-2004-x64

1

Bv9ARM.ch07.html

windows7-x64

1

Bv9ARM.ch07.html

windows10-2004-x64

1

Bv9ARM.ch08.html

windows7-x64

1

Bv9ARM.ch08.html

windows10-2004-x64

1

Bv9ARM.ch09.html

windows7-x64

1

Bv9ARM.ch09.html

windows10-2004-x64

1

Bv9ARM.ch10.html

windows7-x64

1

Bv9ARM.ch10.html

windows10-2004-x64

1

Bv9ARM.html

windows7-x64

1

Bv9ARM.html

windows10-2004-x64

1

Bv9ARM.pdf

windows7-x64

1

Bv9ARM.pdf

windows10-2004-x64

1

CHANGES.vbs

windows7-x64

1

CHANGES.vbs

windows10-2004-x64

1

README.vbs

windows7-x64

1

README.vbs

windows10-2004-x64

1

bindevt.dll

windows7-x64

1

bindevt.dll

windows10-2004-x64

1

Analysis

  • max time kernel
    135s
  • max time network
    143s
  • platform
    windows7_x64
  • resource
    win7-20231023-en
  • resource tags

    arch:x64arch:x86image:win7-20231023-enlocale:en-usos:windows7-x64system
  • submitted
    07/11/2023, 14:22

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Bv9ARM.ch10.html

  • Size

    4KB

  • MD5

    ece51812ad8a229bd692956e0c32ebf7

  • SHA1

    636889fd167fa4169c7b591b78b98a723a5a3c15

  • SHA256

    a2d810fdf635c1292ae195f7219f53af3b5f2fe5449ed62c40be338b19d62ff3

  • SHA512

    e85ee7887e74c9047a5159dcd71d29fa3d6ac4d5411c834fd78786b07242e8cff2f15d316fb8e13e12384c1798e03bbd36025dce8f4ea30f82af3ddbb20fc654

  • SSDEEP

    96:ZBAvOHe5T50VV2yNaLgAAKyfdytI4gQJ21JUC/bGD+qmWzNawAiaTvilgBfHU:ZyvOH5OyNS28tN21gD5Ty0

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\Bv9ARM.ch10.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2412
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2412 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2636

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    39ac1a020f5a5998a236fd496903831c

    SHA1

    95ecb0f49088a7997d4547a09ba2042243dcf509

    SHA256

    b3ae47200094e2998f4f930eb8d5b512411b6f93ac71e8787db67ba2eec68d7a

    SHA512

    54e200c78462025153bb7a2337b8014ac3a5c12288af1e6f50b235e168273c98faff41d5f83113eae820d110551c8259c342b6de7aff2a131e5920f2939a3e62

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    918cfc42ba45fd2f6b873f8f6c48e220

    SHA1

    76309820279657647785c1444428fb813ae889c7

    SHA256

    bd58c36624ab1e2220e1ad6b5e5deabcb71056e3cb1bf9602c3c9be61817c5f4

    SHA512

    d716ad6431ec920990ae86c2277a5acebc15b6c2bb0a2e55d6832e51996390ac1403f5fba9a1768d73295608ad0b639076905846a6b2958c93cf16c3aac2d96a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1e30b9d8779f0adeb136561c14bf38bb

    SHA1

    dd9ecd69a986b0ae1e0640c734cf2c6a89b3ac5d

    SHA256

    b5c91256d30275b80451195076d6459936c9ab240ad60db5f25769e35dec55ac

    SHA512

    9dae73ceaa79e639cab0cf2ecf6bb5d3b21abb7c881c8580bb59c71bef450128780918f6ce51300fbdfc124d08d17904cedef6b8f0f1a1d317e59ef425051472

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    753f050502c00ac0f494487516222b2d

    SHA1

    692bfd4602e9bd481cc83daaf2e906cd5bcf3ca9

    SHA256

    72cf29d7b51ebf2b1964d9eea753c8c5afb757cd6fc9aca10e3150c52887127e

    SHA512

    1eaaeed4ab6678d330828b9b1cca4da48db27ef63dae8b09fecd954863ce8cf7721ad3f097c7daa437b2376cc1d452555b4a23fb5064f69c3b67406a91cba14c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    4d78c949c913a8c496641da63b71893d

    SHA1

    eedb55d9869c6b2db455246fcb1426c7e36c3cc2

    SHA256

    17b8a4f7ddef1ac2ced5d585f4b610f1f6eb9c615b08cd433572e1c75b0fc5f7

    SHA512

    59f09f80038fbc4111ca43e891cfc81fb923d980d2763637a4b6d077301999a604d2102f45321aa5edff0087f03f7be1d713894e0b6b6075b7cb45b2ef36cfc1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    756983b38de57e480fb6e898723be81d

    SHA1

    7a9c0349e722d153df0bc5f77549f6d232a9202f

    SHA256

    e25b041a60a6582a9a8193b56cf9f197fae31888f6e32a52987a6e11f3863b4d

    SHA512

    2651ca6c2b341b4c005ba26d28970d1ef0224dcddc659677fe3ab6a43e650af0ba41537842eb543485aaebc7631ebf03c50c2036a598faf83ec3fd39308f2bf6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    16c1e1acee6bbb38ddb7c5356e7ccf63

    SHA1

    9ddcbb7a553b431cd4e79e250c0ae8840ada24fb

    SHA256

    2dcab0e274fe8bc0f5438957061771b7a446b41c9773e4a916271f84a5816969

    SHA512

    aa47f467a497af21838739befdc1c4bfa314beb593a94af90d62a424cb9316859beca9d564f363a896dafde0776abf0c8d5f0dab75787ee8b429e5bf3f89a1fd

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c0d68f00003b380f894ea58ec469517b

    SHA1

    da3dbe0218b1a031145eb51bf26e37d1e53eb777

    SHA256

    988b824b2760c7ff3f656ee891cb4a726fcf26d46fd2b998e153448633f58c34

    SHA512

    518c7172cc731b86680e4d7f2e6f0b067c1d14b07c1c769fc6295b94408c350550dd70458d4d0e4c982e6bef935a295b7567885f07b37bdf3ec5af7716e5a35b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ed13c14873161ed7bab493fc8437ac71

    SHA1

    5ff103dda8fa8611ac3df3453663a598ccac5919

    SHA256

    051695b177e0a268a8ab4c78b3a705176c0ea10f4e32b4ac9b89b0d971f197e8

    SHA512

    5fdf8d7b030304ab8f485600fa9cd17d3683bcd01d9f201fc3bd6c7158b7d258ad9bf9433b5ebd4abc50cb6088bffe27fd8878ab12049a1a6e1b834e8fe57aac

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    224ed8c69c88b68ceb4da81df2c95110

    SHA1

    2d3cb889313adcbfa5689680cc38b58eb520e2ab

    SHA256

    2d6d5d1432c604c54e2a7bed2beac8a93697b0e3fbdaf27aacaed98dc62e5c4c

    SHA512

    95b32c4d23b2d7b45d7eb733744d358b22665f6cfad78cf3ae57beeca1905ff8dadd09890d77d462af4c9d0558ae8ee0bd53254cef3d3bfaea960255cb41b35f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1bf2f66d6a7213506da1239a0e18ee8b

    SHA1

    10b002fdc2bc8eae0ec7d2f428689b6bb06fa4d6

    SHA256

    1e24c31295ee25a6ef9c94106e869501866f2262018b7768ad9b03fa62d2f723

    SHA512

    e8a33f01797299a1e5c45f15415dbbf8e6bf34c255ec82d6c74df3207e0ffcc880b91f53d77eefaf1682095e4a63c4a237d79d558d11ce228f4570aa1e5f6579

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    6a6a284f010a5e1630c068d31c2cb7ce

    SHA1

    271c09dd66e05456d7cca5926fd9453a95f5b521

    SHA256

    387e6e3b239eb2cb1f8fa387db16c6b702f356aab501bfc74cb19a7416bca770

    SHA512

    caf5e6a30e930e56ec04e00a441dcf99bad080f7c963dee18cdb7d84bfd43bf909c7960d5c23c11a5b25187c13c2a5acb7791e8d47d6aa418640ba070665011a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    180add5ce712493bec190b2c439acb0f

    SHA1

    46fc46aea8af2999c53b807f965e01b7ddfbae5c

    SHA256

    9ae576a4010cd3581fbc932ae6078723f4342ed3f10f70ad300ac1cd7fe316c1

    SHA512

    dc3358c030717862592409de2f77fd4324faba66cfe144202dc10eb5a9fea0696098fdd89ff9d7b7d559874dcf8765b0cb5fd6a17796d24e5f55d2b36e0e1d55

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    eb750e50f1fd3c22f1a96de00169bcaf

    SHA1

    fcf8aa8c33d4fe25fe21e7907d6efd224f7feceb

    SHA256

    964ae6e2f1a338cdf88f3c281b810c83738015b35555942346038a8deac67845

    SHA512

    8fb1204c71600d022292f649b82b4e20dafc7512fae5620c8bcdd8a7e5e7b90f63f9b0aaa131980a79f34f5e704b2cdd167a04e7349c75d843fe772026e50c15

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b7c0db097893dfc621339f0313998547

    SHA1

    cebabfac4c4144b775e666b7270bdcf7b78d376b

    SHA256

    340516043c205d8a7815d23d3f9fe20d96ff00f177fcbd8cec13b239336c2f74

    SHA512

    a71b12c2215515af1062f5bd69d466467bc0704a437cfb430a589813878efe96937f7c7434cd6873de5d7dc605a98df90dbd468ffd91c9b754cf8fab26066b7b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    9636eaa69b024a7eef8f3d776084a476

    SHA1

    3136ef755ce9135d5fd3c22cb0b404f4b2c2e00a

    SHA256

    92115159f8c1b6f3d52081297345286ecd7dc08f6c8a960cf916f6666becc45a

    SHA512

    7d6766445204fcb7528e173abd2168f13794ce88c69b12bdf35d5bddcda17d77aedff2526672c7b28750766dde1cd1df0bc11bc222e9312957bb41fd40fa637d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab94A3.tmp
    Filesize

    61KB

    MD5

    f3441b8572aae8801c04f3060b550443

    SHA1

    4ef0a35436125d6821831ef36c28ffaf196cda15

    SHA256

    6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

    SHA512

    5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar9565.tmp
    Filesize

    163KB

    MD5

    9441737383d21192400eca82fda910ec

    SHA1

    725e0d606a4fc9ba44aa8ffde65bed15e65367e4

    SHA256

    bc3a6e84e41faeb57e7c21aa3b60c2a64777107009727c5b7c0ed8fe658909e5

    SHA512

    7608dd653a66cd364392a78d4711b48d1707768d36996e4d38871c6843b5714e1d7da4b4cc6db969e6000cfa182bcb74216ef6823d1063f036fc5c3413fb8dcf

    Download Submit