Overview

overview

4

Static

static

4

BINDInstall.exe

windows7-x64

1

BINDInstall.exe

windows10-2004-x64

1

Bv9ARM.ch01.html

windows7-x64

1

Bv9ARM.ch01.html

windows10-2004-x64

1

Bv9ARM.ch02.html

windows7-x64

1

Bv9ARM.ch02.html

windows10-2004-x64

1

Bv9ARM.ch03.html

windows7-x64

1

Bv9ARM.ch03.html

windows10-2004-x64

1

Bv9ARM.ch04.html

windows7-x64

1

Bv9ARM.ch04.html

windows10-2004-x64

1

Bv9ARM.ch05.html

windows7-x64

1

Bv9ARM.ch05.html

windows10-2004-x64

1

Bv9ARM.ch06.html

windows7-x64

1

Bv9ARM.ch06.html

windows10-2004-x64

1

Bv9ARM.ch07.html

windows7-x64

1

Bv9ARM.ch07.html

windows10-2004-x64

1

Bv9ARM.ch08.html

windows7-x64

1

Bv9ARM.ch08.html

windows10-2004-x64

1

Bv9ARM.ch09.html

windows7-x64

1

Bv9ARM.ch09.html

windows10-2004-x64

1

Bv9ARM.ch10.html

windows7-x64

1

Bv9ARM.ch10.html

windows10-2004-x64

1

Bv9ARM.html

windows7-x64

1

Bv9ARM.html

windows10-2004-x64

1

Bv9ARM.pdf

windows7-x64

1

Bv9ARM.pdf

windows10-2004-x64

1

CHANGES.vbs

windows7-x64

1

CHANGES.vbs

windows10-2004-x64

1

README.vbs

windows7-x64

1

README.vbs

windows10-2004-x64

1

bindevt.dll

windows7-x64

1

bindevt.dll

windows10-2004-x64

1

Analysis

  • max time kernel
    137s
  • max time network
    151s
  • platform
    windows7_x64
  • resource
    win7-20231020-en
  • resource tags

    arch:x64arch:x86image:win7-20231020-enlocale:en-usos:windows7-x64system
  • submitted
    07/11/2023, 14:22

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Bv9ARM.ch03.html

  • Size

    28KB

  • MD5

    2baab282d4a91151942306fb14ea2956

  • SHA1

    c5990ea2ab928c5231d8af9ef2c80236c0ce53eb

  • SHA256

    4d76f5b6c99fbb018c2bb9a03613ada791927ffa5281c29618c40f737f469390

  • SHA512

    ac7c1bf0ac5f518927c8f9d8d9427e3184c113fe95ebc158408b18220f472920d161eb12155f017c18547df9e4b67eacd54cfd1704c873d7f9b982457e314cf9

  • SSDEEP

    384:ZyvOtdYSvl/tNHex3IIbdjSO7vzpkjLTq7afdbYG7khERr4qRo:Z0ObJtUx3nbdjxvijhfd5Rr4R

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\Bv9ARM.ch03.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1064
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1064 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2284

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    7ed91fa32a6e12bdf084decc226ee264

    SHA1

    d80eb9f7c87d18716c24f81fb24b6f3bca5ffe55

    SHA256

    e67cc3723e6b8252cd257a4e1a39a1d65c935ebea4bfb5082abeecc50ac6c4d0

    SHA512

    1bc6986bea5ced4923dc0e31016b8a4df589d8467b10d38060258a8e7517d332a61a82ebf84469ea993d2ec1b2394d32eb8f398ebef38eec0d2f985e7c864385

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    910dc19b4cb4d123268ef47ccfc1e26b

    SHA1

    eb810f2cf7a0db5a9f0dde7a7596164a193cfa61

    SHA256

    e21904f6b6fd6156b4e4922806626a913aade62bb4ce1c86729776761a8ad2c2

    SHA512

    9fcb84731730d2583b7fbb8be0dd472fcb98eeacf3e7844fe7f8add4a43472c24d49fa95b6ddd248c3d7425b5b6d1ca61948a2fdf211a66740e06f219d8af64c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    179a043c399ce1ca473b92e844717861

    SHA1

    3af58bc6c3441b54f95a10246b7bd368c1e3d55e

    SHA256

    94e4653c25d34fb31e0d801a2d167a682678affe1503b431c73deb863770e95f

    SHA512

    6a91d2e7eb150a1f3d71421c8d67f6f5b9f0b12b869056c8b5787cabcdc0e96b1641935cdaf95a03f0fa226b267498462543a88449f187f92c635e09badaa6b2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    0ec9d8e4d1d8d459be095586b6b5024d

    SHA1

    a03e876df957481845f7316b9db62bee2f52dae3

    SHA256

    f7490703af69d0c22c84de45a0954e4a0a6159cf654013c4b38f22aaf7be3232

    SHA512

    f0410af285e0c3732e190eaaf8517969627b1e506d4eb6b3a0daca82e558ab1cdea4a51f74ca86c5148442590f0ebfed24da19d18b0de91f35de910d105aab2b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c96844db6fd56e47b880b66a67c11ad4

    SHA1

    acbabfc7962c161d7110855093f5606cbafa115d

    SHA256

    c09d60a4a29a28a7fb9916064742508152b7a80a0e57b2b30f3af76446f16ad8

    SHA512

    a0b8521c8af912da398f4902be9b9f2d500b72331bbb34f37fb79383774e92c75045bfa6b6968c84b2d0d264a87f13854558cfc494512653436bf159d22b335a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b74046e3e69c110abd555436b744739a

    SHA1

    9ed81ad4132a9921db698b0b90f0eb559a2f0866

    SHA256

    580df0115da2e11e521e8f22e26a27ca66d1460fa0bda4531abf7741618503c2

    SHA512

    ea303c49d403b23b41f5ab44a5a09b48d3329be573225a5ac39143b2afe4028e8fd62a6a1c9308f1445cdceedfa53935221fb20da2b21ee40c8019f910a860c7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    4151ad75664c94f48901544fdfb99767

    SHA1

    b197b6ea6e69f37075649574be3be3a211dac372

    SHA256

    b9b3fe19684e195baa9b51be50c03a5f8411157466751bc581a6631ee1aa643d

    SHA512

    d1ddc48e2384e006a16bca300eb276c1ba881c394e54496759d868cc6cf9791d5694002ee90fb624013eb5bff83e32a8ef20a57b52a96edb1239f57cb4b4c694

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    5e18afbe57a081000345d1f1d2140260

    SHA1

    789f5b1390115c1e72b1ac056e1336761432f49a

    SHA256

    1d9e7e4a394f6bc94c15ddbd2390d6198cb70bc184ebee630082f4178f8b5f31

    SHA512

    3db844da9537320ab7ad8843e518867148da0370271b440eb0fc3ebda543e90df46762520b05e06f1b4af39dbc93cf72cfe2e9a7e624e365b0cb3354d627ffac

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    3de9d18ecd978fa22e393fbe2e255f91

    SHA1

    dbe3297f79bfcc7aa71ed4e5ce3c171e84ef2a50

    SHA256

    a58185754781c7bedd9149cbe36d635629ffb145dc5668e318e1e821af8a5b25

    SHA512

    517134b9d6d27480e5a410ba0e0c207d55b63afcc5895391e376c0d2127c27c075c6b72fd4647a11c0e4d925a78e5615cf1f51f43561976534a4e10fbc2a68bd

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    3917af4787a562261f77fc4c3a80b810

    SHA1

    f0e9b2af912cd49121d3c844ad168cc472963e0a

    SHA256

    9bbc5feea7d85d5849e29ebb6bf915980f1ec1c1e97077c7ae1453f955b4cf3f

    SHA512

    cb69daafb39d37db80ac63e9a0cd048f72557f8223fadb20a194a5dcdbdcd74da0a6b7802f35b3a3071defe7357f9cf414ee2e9b4fc1a98154985d5a04ef872b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    77a50fdbaf56552e5eebe038e41b0477

    SHA1

    91a65b2e37183ef27b63dff1654ab8c9444d005d

    SHA256

    d3ecb7dd5c081c8e9c7cccc878105e7105e881cad926296a0d9f7daa7d60fde6

    SHA512

    f70a7e3b9e00777f16f50b6027d5df90a0c5611586b9931cb334b8cf3108ccf51edbc59a73c6d4cd01eaa8bb6db80969279ad39d279cac8b584cf5a54a61d122

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    8112495635d0ec40803d53ae917b32c7

    SHA1

    2349a7d3a15ec7c73fd1f361b46b267320cb5a2e

    SHA256

    455d567abb8fe98f98b863ad3bd17952b892fe2bd99e95f99a168bb474255ee1

    SHA512

    bfc74b6308a8a8dbba077b0f1e7889112a1747be80c116ada7f200c0205823851f1bbe1bd7077a10b91b532d7487e21177f22e3fec5acea1168d6506a4f814d3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    8123d703cb30b4b7af3e6842e6fbfa4b

    SHA1

    29d8aa64fc9faa7c50aae8a1884c2db4e75c43f8

    SHA256

    1a49f3f5d47c7787bb8dafc351b71c6235b48e0fe21277066dc8fb439dd99d68

    SHA512

    15fcc99b3d6162f688a9f5da7fe465294bf129b6bc3c044b1356c54cfb56ac5f3456bd1c8f183bb04188bdc6acef7f886733f86feb4ce16268c3d425ef5c7377

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    2112116685491c9b0f5ce7bbd5f39a6b

    SHA1

    bc3613c7f53a4b2ade06cb739ae51b1814aa35af

    SHA256

    2ccfcec8255c876bb8a6b061476403826a80af0a42075f8c059dc0041b140d06

    SHA512

    7ba71b18b110aa732ec3c506648517cdde7af633055a8c9d66e6b8d68bde569401af83ac33b9e8ee90e6d90be82be4558909c151454e8e1e7f3949e341be808b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    3a995f2af7cae06b6817aa14e31d8355

    SHA1

    92f449cebcea718b553c3bfcd814bc28e6256de9

    SHA256

    692c7cee5cbe8b97f77a6f65c230d6de164293a2b32670356fe84b5aa6043920

    SHA512

    9e6fec7e6f9df654014afde4cca69f8c00788153dfd99c1460eafc8b68795a77d23cdf58e1324957647d2f93a59a34ad0d6a02963806b5957063b669ba9334f4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f4ace66b878db20ac0191bc86a247f98

    SHA1

    c7fbb98d75a959456c2e26ab7b077ccef5800efa

    SHA256

    7e40baf82f64058fd6eb6892640d196ea0da58144e92b4f4874cc62ed08d2eb7

    SHA512

    80ce28408b5d5aaa9ce81ffb9c0bdcac4b70eecad89ca5d3704f5fe6956408a2510f34a601ba8ccc7c1690c96a14cd71500b0ed2b0ae8ebb303db62094f16806

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c5f599fb3ce8e02c4f4303f437327f8e

    SHA1

    6e3dee0ffbee98742f201fe9249363931339bb17

    SHA256

    c21c3efb1b755889fde5cfcbf680696f9ea3d745f01cf114497781a14bc19174

    SHA512

    fd648cea30dd75a10e5125514bed6a19886cb9c494e753897cfe8f36c0d3ad8fba21f1e04b9d89efe0fb4559a150f56e3ae48d245a4cc5080462072ff2ea685c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    7d53feed60d54d86d3f10e1b0373f670

    SHA1

    312d1ffe08f659e9c4e756e4104dfcee385979fc

    SHA256

    6f5712a1cd42cf17729fe7284181d3a9477cdaac71ea17b354d57a446a93eb60

    SHA512

    0543a8d3d73f1e3bc5606f081a245431df02f544ab5b6e0fa00220d507d5524be876dd9e727e50d2704f819e309987bf3f287668ed2675f0beac95813a3b5d11

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1ff7497f394a29ac418f9bf20892ffa1

    SHA1

    a7c24ed9fd1be66d46db62ad7f8fea31e1cd1790

    SHA256

    1de6a5cadec40f6fe6759a4102ccf0d7dfb0c0c267b1cea759e2003a95cd9a85

    SHA512

    6751fa0420cc47b5f5b7e7bb79a51b7eeeb9bbfcbe8bd906a3afd0501712e8a5d4429d630140cfd8331947cbe554d7dee8d430e50562d0fafd2959fac383941a

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabA767.tmp
    Filesize

    61KB

    MD5

    f3441b8572aae8801c04f3060b550443

    SHA1

    4ef0a35436125d6821831ef36c28ffaf196cda15

    SHA256

    6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

    SHA512

    5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarA7E9.tmp
    Filesize

    163KB

    MD5

    9441737383d21192400eca82fda910ec

    SHA1

    725e0d606a4fc9ba44aa8ffde65bed15e65367e4

    SHA256

    bc3a6e84e41faeb57e7c21aa3b60c2a64777107009727c5b7c0ed8fe658909e5

    SHA512

    7608dd653a66cd364392a78d4711b48d1707768d36996e4d38871c6843b5714e1d7da4b4cc6db969e6000cfa182bcb74216ef6823d1063f036fc5c3413fb8dcf

    Download Submit