Overview

overview

4

Static

static

4

BINDInstall.exe

windows7-x64

1

BINDInstall.exe

windows10-2004-x64

1

Bv9ARM.ch01.html

windows7-x64

1

Bv9ARM.ch01.html

windows10-2004-x64

1

Bv9ARM.ch02.html

windows7-x64

1

Bv9ARM.ch02.html

windows10-2004-x64

1

Bv9ARM.ch03.html

windows7-x64

1

Bv9ARM.ch03.html

windows10-2004-x64

1

Bv9ARM.ch04.html

windows7-x64

1

Bv9ARM.ch04.html

windows10-2004-x64

1

Bv9ARM.ch05.html

windows7-x64

1

Bv9ARM.ch05.html

windows10-2004-x64

1

Bv9ARM.ch06.html

windows7-x64

1

Bv9ARM.ch06.html

windows10-2004-x64

1

Bv9ARM.ch07.html

windows7-x64

1

Bv9ARM.ch07.html

windows10-2004-x64

1

Bv9ARM.ch08.html

windows7-x64

1

Bv9ARM.ch08.html

windows10-2004-x64

1

Bv9ARM.ch09.html

windows7-x64

1

Bv9ARM.ch09.html

windows10-2004-x64

1

Bv9ARM.ch10.html

windows7-x64

1

Bv9ARM.ch10.html

windows10-2004-x64

1

Bv9ARM.html

windows7-x64

1

Bv9ARM.html

windows10-2004-x64

1

Bv9ARM.pdf

windows7-x64

1

Bv9ARM.pdf

windows10-2004-x64

1

CHANGES.vbs

windows7-x64

1

CHANGES.vbs

windows10-2004-x64

1

README.vbs

windows7-x64

1

README.vbs

windows10-2004-x64

1

bindevt.dll

windows7-x64

1

bindevt.dll

windows10-2004-x64

1

Analysis

  • max time kernel
    149s
  • max time network
    171s
  • platform
    windows7_x64
  • resource
    win7-20231020-en
  • resource tags

    arch:x64arch:x86image:win7-20231020-enlocale:en-usos:windows7-x64system
  • submitted
    07/11/2023, 14:22

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Bv9ARM.html

  • Size

    18KB

  • MD5

    704a504b0c5b0834d3f5444899a1ceb7

  • SHA1

    ed3f341ae706ed6cf5e79b6d450ca54ef1ea455f

  • SHA256

    f1afb762d7e1e8844223b06cb93e263f93da52b0f3ad143cd7db2b98227775ca

  • SHA512

    b6e89a6af4e371da86852c657b743fce31382d321c18e9ceb6184d7dcc7fecaf6539d0c1aa4c41fc0771ba43256647509142cea2c3fde58fceee8bdf8d28e167

  • SSDEEP

    192:ZyvOHNepNSpK3T4Ips6fojT7rd0H5YOkej6KDb3dkkgSBjbN21gD9z0:ZyvOt0YwD4I66fG0iejhtZDS

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\Bv9ARM.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2500
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2500 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2336

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    27e23bde5fda472af0fdfdbdc1aa7df5

    SHA1

    166c673c18d340cf61924a2cee40248bb622e3fd

    SHA256

    1c58595df764476b4a00d1ff2542531f97f2af51ba3ae064d9e49e86a8b30778

    SHA512

    d280800d0bf3354077a6704b65e23c7983df48e01d441d8683ccd7b6e9f473e05b808e8cd5c89625c248111847a6c7decb33aa85235feb4f528f5e4bd9a45be0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c5d3bc4fa7b84c1f9881723a8cd403db

    SHA1

    e3a1b4b296733ef04ae6b26840b056d78d686d53

    SHA256

    b5a564e3d1bfeae28fe88d180f49202eefc2ae74e17526d9cf3fc85e303cce77

    SHA512

    55a3891cf1905a9572f35b9744886a866c8d33b5561c45a0e0667bc477331f1344e45cd2097f628cba28100a4582ed785be32d0027ec6feb506db537adc663b0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    50b3644e42f045fed03a7e451d920425

    SHA1

    e345435759b4815a1e387ba5efc2cec533cc8950

    SHA256

    7e6d3730845271be6a8638e00375853f8982830eb3c48611bb19ea2db9cddf20

    SHA512

    0027607586e3a81567b6b93a666fa76746ee1da2ae6c89b173aec6e32d402028aef5354e7779c5e6f24c32a2849533c45859c8c62deeb565de734cb0e1e6f4d4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    2f32004315399f8dbb0bd5711a23c19b

    SHA1

    afdb7b64367b53a8b9f11305ab96cdcc25951793

    SHA256

    2bbdfcf5cfb573c583973941a9338517ce9b116d8c2fdfa45c2382e69a80cbd2

    SHA512

    ee733d4a411698ef550839e8c15df6b5534d8071245b81828b68c159ea5e099744f085fa78b30a3953ab33e43435661d9e3a375af90022c98a9c26dba3c94881

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a780c2060928f2d50564af07cba5158c

    SHA1

    e1d5f09760da164da43977f0e37e9266fac912b5

    SHA256

    a2bdd8ba7c20f2d2a4c5144ff50b6dcf6ac70dd349f85c843c2b990cb73aca15

    SHA512

    01c6114bb51a325ab10c30073c9af3730e6cbcd01c063fe1cc326d8c04d0d37763ee3c4e12c42fdaa548ca8e8cdb00cdbf6ab7f0d1fce674c02083774792195c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ee404d6f72acded6b45cbe7213c49c37

    SHA1

    7f27bcaeaf072d38c3e852a6867234480ea910fb

    SHA256

    b3d63e4bedc06b78abdf4a0949f3d6efefbb9bc8dcc38e48fbcdb6e87f578458

    SHA512

    04a220a076930d9e61f1908881aaaf2248e67f6b4f39cb9b8e3dff8ecd4adb65605254e2e55d70614e78d11c1c39face741649cb573b235a0f151d163d2cdc98

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    674f015553c57b06af3c6df7e2cdfc4f

    SHA1

    4b7be020ad4190171e15042668ee3abeaaf38a4c

    SHA256

    cfdfc7c7d17d983603ef8c0d2700ba44d2c094df131746146b5b5521c19c1c5b

    SHA512

    83d68e923cd75b76d5793ed0741072d34b35f4b437d48aa083e7420be17ca32ee1fe12694ebdac9dcd32722444ddd0d8cde14a376c3a814f0f9b18d378fe700f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a5f4af7a85d8456ce698fc52f7a56b97

    SHA1

    2143fbd6d8a3275c1a827ec19d0dc22fd1d05fde

    SHA256

    a3e8fe85a25ceff91103a28fd8d4f2bd669968ee3735115b371393e98923d736

    SHA512

    d0f70806eaa5f583c106cf3b8e58898ea661a7a728f0565200e1718dde32d43fc3e4533411a8935fbd15051dabda10ba24b307b51a727b3561828dde1ea9bc51

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d06dbb109ab1bc3f45687051160cbb32

    SHA1

    1d92342116f1772eebf896c290963befd426b788

    SHA256

    5eff7daf5b45aec063c8a2a421815d6f09b386d3f62744f23a58af104cdfe5fe

    SHA512

    86b4eb4f793d75d8d46287299fecea73c34f1f4b6b0e3c8a978f2593646a292e90f7ea81e0d76f654408ea886f309f11ce28816374e526a3247f8d88dfa4b7b5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    77a38a4321ef40af5419ac971005677f

    SHA1

    ee627272df74dfa93aaa2da71a6842374183c965

    SHA256

    a40a1c3119ff887e8fffb497b3796df63186b465235eb1349846ae1c741266aa

    SHA512

    96f15275e32ec48775f2a1357c5ab16060c5aed56be0f4d3cea2b8145c0daa57d2f2b6f89c50d6c7b1c124c04054ca433abc1e8f0e6b13beff870345fa2dd489

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    10dd28477e5fdd7052ac17dbb1cdb804

    SHA1

    4e5e43f4316d0924ea8871e45db26d6bd94f9011

    SHA256

    5340623fdc7135f01a62651857deb0de83e58eb96e513b4f0be450e8c0bb9fa1

    SHA512

    709c95abdd724e354f8670456aeafded131b1f16eb5f900a68d906d2bbd142664bd7b5e702c89381fa5221edb9111cfe976a17b1420f5f2166cba5206d0f12e4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    571e593723d7cd8fb2c060e96381d708

    SHA1

    68e8ae84a836ed13fee990574ad4c1a5a913e413

    SHA256

    214f397bd7ad4ccfccd7b321aad037c167008781c860fab89be5dee67d97a10d

    SHA512

    adbf1211d2f02a010c62bde9ba8e68a504956db3f107d2ccec4577ac886d373623e96253552f1d59a5023baa609ae918ef8ab1f830945f18ce626abb0c2a1665

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab144F.tmp
    Filesize

    61KB

    MD5

    f3441b8572aae8801c04f3060b550443

    SHA1

    4ef0a35436125d6821831ef36c28ffaf196cda15

    SHA256

    6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

    SHA512

    5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar1471.tmp
    Filesize

    163KB

    MD5

    9441737383d21192400eca82fda910ec

    SHA1

    725e0d606a4fc9ba44aa8ffde65bed15e65367e4

    SHA256

    bc3a6e84e41faeb57e7c21aa3b60c2a64777107009727c5b7c0ed8fe658909e5

    SHA512

    7608dd653a66cd364392a78d4711b48d1707768d36996e4d38871c6843b5714e1d7da4b4cc6db969e6000cfa182bcb74216ef6823d1063f036fc5c3413fb8dcf

    Download Submit