Overview

overview

4

Static

static

4

BINDInstall.exe

windows7-x64

1

BINDInstall.exe

windows10-2004-x64

1

Bv9ARM.ch01.html

windows7-x64

1

Bv9ARM.ch01.html

windows10-2004-x64

1

Bv9ARM.ch02.html

windows7-x64

1

Bv9ARM.ch02.html

windows10-2004-x64

1

Bv9ARM.ch03.html

windows7-x64

1

Bv9ARM.ch03.html

windows10-2004-x64

1

Bv9ARM.ch04.html

windows7-x64

1

Bv9ARM.ch04.html

windows10-2004-x64

1

Bv9ARM.ch05.html

windows7-x64

1

Bv9ARM.ch05.html

windows10-2004-x64

1

Bv9ARM.ch06.html

windows7-x64

1

Bv9ARM.ch06.html

windows10-2004-x64

1

Bv9ARM.ch07.html

windows7-x64

1

Bv9ARM.ch07.html

windows10-2004-x64

1

Bv9ARM.ch08.html

windows7-x64

1

Bv9ARM.ch08.html

windows10-2004-x64

1

Bv9ARM.ch09.html

windows7-x64

1

Bv9ARM.ch09.html

windows10-2004-x64

1

Bv9ARM.ch10.html

windows7-x64

1

Bv9ARM.ch10.html

windows10-2004-x64

1

Bv9ARM.html

windows7-x64

1

Bv9ARM.html

windows10-2004-x64

1

Bv9ARM.pdf

windows7-x64

1

Bv9ARM.pdf

windows10-2004-x64

1

CHANGES.vbs

windows7-x64

1

CHANGES.vbs

windows10-2004-x64

1

README.vbs

windows7-x64

1

README.vbs

windows10-2004-x64

1

bindevt.dll

windows7-x64

1

bindevt.dll

windows10-2004-x64

1

Analysis

  • max time kernel
    118s
  • max time network
    149s
  • platform
    windows7_x64
  • resource
    win7-20231020-en
  • resource tags

    arch:x64arch:x86image:win7-20231020-enlocale:en-usos:windows7-x64system
  • submitted
    07/11/2023, 14:22

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Bv9ARM.ch02.html

  • Size

    7KB

  • MD5

    e6013fc6056506791db31f1b5dd3795a

  • SHA1

    b06b35344b4a614a20d65cb0cc314984ed528284

  • SHA256

    359a1112b6120fe3c435dc3e7bc33cfee4fd3522a925696986cdbb5869376566

  • SHA512

    012c427a5c95449e0227564a9928f15badc2eec560f25247ff179536c909f91ba8bc1335aa96729056f63f7860c8a4bd8ff933d89d5e4678e445ae0ff38e8a61

  • SSDEEP

    192:ZyvOHJQlNSgqkDqjB7NmmGDdrvvI16bsU2Ukl/E0zTRxnV3xuFm0:ZyvOpAYjELCZV3SJ

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\Bv9ARM.ch02.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2192
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2192 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2788

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d760381b188d21227fb323f794674be2

    SHA1

    d129a69c1cf04ad46dab502dafbb50e26ef3f063

    SHA256

    3eb4e8998be4223b273704c08706193f57797d0a9d010f1b832889cb9d945e86

    SHA512

    01f96a0908a106745112b302f096403b1533ff92f1b6dd7a3b0972c9f93773e3473ea9627a4b9a41f198652ef0388bbd0536e9a624093aed3a0bf948c397e2ed

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c9ff641b9a8f71531e77cfb65b4f0ccc

    SHA1

    424e9e44c6fdc34ccbbd0e71ee71ba3da1c62f7d

    SHA256

    c8f93d3652c6cb1761ab593fe3e470b76b134c524d05b7e5d2a6098f398c1292

    SHA512

    e788d9c75786e07f0885aec17923f623d2eb8b92b861b5ce8a0883f3578647f1da3157d1f62661c10c9517cd2e570c3a5e9fbf424b6ea2dcbf00775252c3c14a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    7bc0024a861b9116e878c036bc2a3013

    SHA1

    2da5eb2c14f295c00274b5d4af5736c614197bc8

    SHA256

    c3551b21cfb14202292efc53eb27adb1f3ca313d63a00f40d7ad882a30f020ac

    SHA512

    331875da242e9281727770fc8fcaf2bac75fea076aa603a1e6e89937639d3a4792777e7abc9142ea8459d559585dde11b7436a9d20c236dbc2badea4035d1b9a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    149e282c470da39af32df016c3b29304

    SHA1

    e15d48d134343b95f0dc19855df1cfc3b2568e36

    SHA256

    ffa04bff571884b717cf2d0756ede17d62b8cae2996113826c34944351c3a18e

    SHA512

    f30ed8fe67fcb0c854675952674d58c2f148b9c64a9c32c84d6657d9e913d2d88b8106400a3ac0de169c39d2df294119e4b7cd8fe07499cd590c2ad3a08f5b21

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    4cd12d7962bc9b4b9c3786ac9be67f3f

    SHA1

    4a648798b9715b8ca549087c1a7ab61361e884f5

    SHA256

    870d2087f56c2c1a3faf4a9589d5d4a37b6730607700950daa713d8bae1f3c4c

    SHA512

    acf61236e589a107eb12c331c358a1b7aaa491eb1e8c6a07dec68120076f4df3c1e8548c0cd8a7672ecfd46d1997a1303d64f42eede95a32e9e336014510254f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b7dfaa827b22a33ffc43b367ede4e156

    SHA1

    a76aa7e8c910551bbc6b6830254d8f785f6a05a3

    SHA256

    07e40e064fb4f491f1953582ebf8ed81f4227b19371dab3c274e950470241691

    SHA512

    19a55b7e3cb2f2209be3c6588b4db30cb387b8d5d0d86bf0e49d04382c3890eb168721f8cb37876919530d4a98ea9adb409e79a147de3054e2b36fedd9c135a5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    123c944ac1820839d4bfe45f18bdf4b7

    SHA1

    c5cc414bd40aef7c56bba7602cf6a26fe910cea5

    SHA256

    01a457c143b6993a2da02009efc82bc51fd596f87a74cfa24951b2f62a216ae5

    SHA512

    8aeea6f6efd01cbd21966c17c8c54ed38b25cdcf7f2ef1aa68fc8970d74dd9b4e7a31fcace39e785470e3bd86e018af7c2f0a1c9a6224e292fb5c10d50e12086

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    076f757ef17ee798e269fc760d75a053

    SHA1

    8db0c69516b53aab35ba7b566f061939b9bbdaae

    SHA256

    eb4125e972921c3b4e6563ebbf68f843488f208b010763b32b125d3c10e00dc2

    SHA512

    6d9383d76f0ff960d21e4e6aaec9005fa304990b299097bf682779cb865f514d707252353760f5fda96f93927ffcb94aaa69c1ebd44bf040d34d601feda3bc71

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e3c7a6b103b3cdd1950609562da8fbd7

    SHA1

    6bb0e209b0d8c7e62379b55dd529cc5783fbb40c

    SHA256

    e05445ba1e85c70b9e1283a737a1eb1f4bdbad4872547f6a65892cf1e04272ff

    SHA512

    c00cacdabd59dda3e5ca1a1697237d86eb4f023d1ef114f7c8dd2df3dd2cafc1be77470f5158b1120dfc24915696e902085d3402b5a5d655c52336797a578e31

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    53b2dc4b24c978e7f14454f34304c1a1

    SHA1

    dbce0f39cfeb26a9212ef794e4f5f5353e9d186a

    SHA256

    26055a69cf4e7ffbf84b2250f5c4abad100a1b04f53d42e5f485a50e4e1b443e

    SHA512

    7a47df2b418796071b0e3bbe82b37370db3da0b6dede28a4f7760818771187e4b6b7baec0901abbd845fb624dd558a01f8ce41873ae10847431abab5af996b8b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    bc7be7373189a4fcbcd3df01f6ff43a4

    SHA1

    8cde7b674193df359d53d81a1781006f9e9e6a31

    SHA256

    9fa9df14ea983408b5fe489a73d407984c778abe09853287853ae442c2e3ebe4

    SHA512

    41823f28b29c8315cfcc3b9a7dd5fe96cd53b72d87c336831b7ec59ad76ce02350f3bf6af93e18d6500334229bf44463b478ae614fa8375da4bfa4a32cb67471

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabB8F6.tmp
    Filesize

    61KB

    MD5

    f3441b8572aae8801c04f3060b550443

    SHA1

    4ef0a35436125d6821831ef36c28ffaf196cda15

    SHA256

    6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

    SHA512

    5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarB928.tmp
    Filesize

    163KB

    MD5

    9441737383d21192400eca82fda910ec

    SHA1

    725e0d606a4fc9ba44aa8ffde65bed15e65367e4

    SHA256

    bc3a6e84e41faeb57e7c21aa3b60c2a64777107009727c5b7c0ed8fe658909e5

    SHA512

    7608dd653a66cd364392a78d4711b48d1707768d36996e4d38871c6843b5714e1d7da4b4cc6db969e6000cfa182bcb74216ef6823d1063f036fc5c3413fb8dcf

    Download Submit