Overview

overview

4

Static

static

4

BINDInstall.exe

windows7-x64

1

BINDInstall.exe

windows10-2004-x64

1

Bv9ARM.ch01.html

windows7-x64

1

Bv9ARM.ch01.html

windows10-2004-x64

1

Bv9ARM.ch02.html

windows7-x64

1

Bv9ARM.ch02.html

windows10-2004-x64

1

Bv9ARM.ch03.html

windows7-x64

1

Bv9ARM.ch03.html

windows10-2004-x64

1

Bv9ARM.ch04.html

windows7-x64

1

Bv9ARM.ch04.html

windows10-2004-x64

1

Bv9ARM.ch05.html

windows7-x64

1

Bv9ARM.ch05.html

windows10-2004-x64

1

Bv9ARM.ch06.html

windows7-x64

1

Bv9ARM.ch06.html

windows10-2004-x64

1

Bv9ARM.ch07.html

windows7-x64

1

Bv9ARM.ch07.html

windows10-2004-x64

1

Bv9ARM.ch08.html

windows7-x64

1

Bv9ARM.ch08.html

windows10-2004-x64

1

Bv9ARM.ch09.html

windows7-x64

1

Bv9ARM.ch09.html

windows10-2004-x64

1

Bv9ARM.ch10.html

windows7-x64

1

Bv9ARM.ch10.html

windows10-2004-x64

1

Bv9ARM.html

windows7-x64

1

Bv9ARM.html

windows10-2004-x64

1

Bv9ARM.pdf

windows7-x64

1

Bv9ARM.pdf

windows10-2004-x64

1

CHANGES.vbs

windows7-x64

1

CHANGES.vbs

windows10-2004-x64

1

README.vbs

windows7-x64

1

README.vbs

windows10-2004-x64

1

bindevt.dll

windows7-x64

1

bindevt.dll

windows10-2004-x64

1

Analysis

  • max time kernel
    135s
  • max time network
    133s
  • platform
    windows7_x64
  • resource
    win7-20231023-en
  • resource tags

    arch:x64arch:x86image:win7-20231023-enlocale:en-usos:windows7-x64system
  • submitted
    07-11-2023 14:22

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Bv9ARM.ch01.html

  • Size

    24KB

  • MD5

    687c31b154e006cf7bda4133c9faab4b

  • SHA1

    cc47f6a5ce0058adb83e16a7d1c1a6b44decb230

  • SHA256

    2c6679312f9b47843fa823d0190ece85d8fabda0ea8701f9751587c9ac50eec5

  • SHA512

    3d85ddb7b4441a85ec75e390f77d5d37ad499e8a40aac374992cf3f4e3a76261207d102482368ee608abbce66e629658d128af38b46389ff50c8d6703ec8aa7e

  • SSDEEP

    384:ZyvOXFYN66fNYbDYLzY3Y4rOZeCl+md86grGp/8W:Z0Oh6FEYZZelmdWa5J

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\Bv9ARM.ch01.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2764
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2764 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2696

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    11ecd047d96b3cdde2f7297cbe7a5214

    SHA1

    030c26d7bda9392ef5ea9fa05d1aba0678e1a874

    SHA256

    a180078a8fb69f78356cc3cf21a0f721612e4ece0c42407e947820d815dc6fc6

    SHA512

    ee578c0e276a264c1a685c79fbec57677a168dcd683b2ee779fbd582ee3c83dbb8cfd34b999b9a9facc990f6748d255b306771473574f612e27eb986a7d7c2f3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    0d45825935038706030951695bc3e814

    SHA1

    6fc1092dffd2be632712f87446c460a02fdecf10

    SHA256

    c1693a47a729db306308caff418c8effd5742546fd8997f2be0417931feb7403

    SHA512

    570168a5e743716a18e8ab2df841c6eeacddde96f369c87dcd96c6e985212adc940a126622857d81463d5ef23d1a9f2b16fa60746a6c899672a9e275765ff67e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f4fc867a9ea01ab14f0b103603019c26

    SHA1

    33eb90f09321384855545c9dbbf7ab7356f35c2d

    SHA256

    861042a2eed44f4e2e4284087b9716a5cee157df96c70ae5d455992697d1037a

    SHA512

    7a1a378a974bfc15b93ee16c5d7e14699291ba71a534a7ac4e14e253c29ef888591dd682c5ffb47e0ac53b142cca56fca02eae7dfbd321a2e35c0722708c2cab

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    31196eecfad8519053894cb314d4896d

    SHA1

    ef554fc0a28b9136fb4335443b66b22f72b73796

    SHA256

    4e513ceb9c0e7fc1972764015f75d014f90c5a3f5c9a6f475458002cdac3a284

    SHA512

    ebd28e5cb31bfeb8bf9808e440b1f1f855c722f2acfb245a4b324c97773bdfc99d3aff86cc1006b8a7f6514cad9035d0b1f3ea94a71c5426a1a2d462b5f7175d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b6b78b27becd7ed4ed85e738bd547c16

    SHA1

    b941c68caf288ca078666ea076f06d6507a4a2ae

    SHA256

    f264484a5e63f78c7175190e2df71f3b5e0679f96a0fc2306737bc41a2f6c8e9

    SHA512

    2c43bffcc6c998574008caff456cef6e61836f82deffd008aa3d4c7852caa59ffe8b623a4c0f01200a31bf6a824df656271489abe761306395720e67c4ff9f4d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    9f6737f34458c955989226ae04345547

    SHA1

    b7520c2f5ccc64f90f0a61c71f488fe9a646a85c

    SHA256

    edb9cce3cea6570f9b5c28ee0f403e0aa09082d3971e06db8b380673d1008eeb

    SHA512

    9276e6118a5469539091147052923cea0a24669ab909685d1d67878b5c91956589bf76a911e763506cd9da149c0b46f49ea8cf73a34587ed1631a0bd98b7591f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b15256cb4109d373c1ffd8ee51fcc19a

    SHA1

    664963dde96d89e81590811310f9737f1712f40a

    SHA256

    fb2f160860426d2af4f56c5bbafe88d6ef59bb1cc9e502c0520bedfbf9af61a8

    SHA512

    4c9e6df68dabf26205c6860ec7f1ccfb405bf08c1f067630fffa4d984db9b8ba7a1be3809f860a3352171db74b8a258c21ac1ac119f2bdd6600b78081d6e3b3d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a6ef99064b675f432a3df742f6321518

    SHA1

    d27ad869888c199448a7bba68b8b2d73a5d723ce

    SHA256

    70a6c9a44c91ee565f06013f750c4494164370de37e987d1ef964b842ad21d80

    SHA512

    aecd42bae837e71fcf8bb65113115688956034a98f8a21f69053bc5231b826d06eb9ce38fac0de35e772b3adb8fef12bf8b9ef5b3762e730eb9dc78715948cd6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    14f0e55e21e5c41d5e94d7463af9ad20

    SHA1

    b0d08c9507a07f4aefe3133917abe933b341d4da

    SHA256

    ce6424c2dbc8df5455cdab68b4391eaa1fec1cd8d5edb2933ea1a86ac20a0c03

    SHA512

    98a70fd5abdf35a876ef9620ebbf24cc52b5873b24a10bb78dfeb96fe46dba10adadecfdb328e4c60c65979f6d7ee8deaf89d488ee54e2ea20c75b0ba5e523b4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    3f8388428c11697ddf5068bb25ffffd7

    SHA1

    d0a746749d9573aa8190da95eef4f1ee5fc89496

    SHA256

    2b3e74b3a29e0025d5cd5f204e91c63af7435581a59f9ed81aaaaed61b32443f

    SHA512

    7aae09f45f9faceaf72ae7c546da7b0bf7bb8d4b9d35c2df7069833582b1252320ffa1a8007b0135069e64cc14c984f2852920936e565941c185eed68b7df82f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    9a89314e5cf2733f47944b542fc654c9

    SHA1

    00bf61b43dc5c51b3fd1775e473ab2cd0faea604

    SHA256

    627d3624ad8abcfdb849c9959a7ad253a765612c7512041f3864dbb1f0fbfce2

    SHA512

    9101e49e7aff7ff8e47b87d964213d5089c247a7a738aea1c10f5e6f86d784abf1eb39652fd3546dfe9ace9f01f98961b1468c42ab4b6351a82ac2e275b47feb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    dfe06509c5d8f10e8aee0acb2d986fdd

    SHA1

    d7a652dc66c45fc942d87b55e0acdff5a40666dc

    SHA256

    de5104ac48a8da5c8bc7411516fb407d25f8f6a3c453901c600c7dacb1a28a96

    SHA512

    95ed1586c09fc4849ec6eccdc662ea0b251b36af6c31ca9e4a79fc2d616f51a44e396b0e636f288424ee7dd7a7a5134f8812486af2c3eeb09a971fd07f237305

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabB2AD.tmp
    Filesize

    61KB

    MD5

    f3441b8572aae8801c04f3060b550443

    SHA1

    4ef0a35436125d6821831ef36c28ffaf196cda15

    SHA256

    6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

    SHA512

    5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarB2F1.tmp
    Filesize

    163KB

    MD5

    9441737383d21192400eca82fda910ec

    SHA1

    725e0d606a4fc9ba44aa8ffde65bed15e65367e4

    SHA256

    bc3a6e84e41faeb57e7c21aa3b60c2a64777107009727c5b7c0ed8fe658909e5

    SHA512

    7608dd653a66cd364392a78d4711b48d1707768d36996e4d38871c6843b5714e1d7da4b4cc6db969e6000cfa182bcb74216ef6823d1063f036fc5c3413fb8dcf

    Download Submit