Overview

overview

4

Static

static

4

BINDInstall.exe

windows7-x64

1

BINDInstall.exe

windows10-2004-x64

1

Bv9ARM.ch01.html

windows7-x64

1

Bv9ARM.ch01.html

windows10-2004-x64

1

Bv9ARM.ch02.html

windows7-x64

1

Bv9ARM.ch02.html

windows10-2004-x64

1

Bv9ARM.ch03.html

windows7-x64

1

Bv9ARM.ch03.html

windows10-2004-x64

1

Bv9ARM.ch04.html

windows7-x64

1

Bv9ARM.ch04.html

windows10-2004-x64

1

Bv9ARM.ch05.html

windows7-x64

1

Bv9ARM.ch05.html

windows10-2004-x64

1

Bv9ARM.ch06.html

windows7-x64

1

Bv9ARM.ch06.html

windows10-2004-x64

1

Bv9ARM.ch07.html

windows7-x64

1

Bv9ARM.ch07.html

windows10-2004-x64

1

Bv9ARM.ch08.html

windows7-x64

1

Bv9ARM.ch08.html

windows10-2004-x64

1

Bv9ARM.ch09.html

windows7-x64

1

Bv9ARM.ch09.html

windows10-2004-x64

1

Bv9ARM.html

windows7-x64

1

Bv9ARM.html

windows10-2004-x64

1

Bv9ARM.pdf

windows7-x64

1

Bv9ARM.pdf

windows10-2004-x64

1

CHANGES.vbs

windows7-x64

1

CHANGES.vbs

windows10-2004-x64

1

bindevt.dll

windows7-x64

1

bindevt.dll

windows10-2004-x64

1

dig.exe

windows7-x64

1

dig.exe

windows10-2004-x64

1

dig.html

windows7-x64

1

dig.html

windows10-2004-x64

1

Analysis

  • max time kernel
    172s
  • max time network
    185s
  • platform
    windows7_x64
  • resource
    win7-20231025-en
  • resource tags

    arch:x64arch:x86image:win7-20231025-enlocale:en-usos:windows7-x64system
  • submitted
    07/11/2023, 14:32

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Bv9ARM.ch05.html

  • Size

    5KB

  • MD5

    4969c2d71668ec566b1ff8bc8471e43c

  • SHA1

    dd1a4db85c005c9347fca549c585a71501d666f0

  • SHA256

    c27ad3b9d0917dc4416e6bb470c7951726dad14ae8eb3e2052b03d5321702c1a

  • SHA512

    b533286fb98e98d0ab4d45d747fa1b828a762a5abe4a30d1c75a33dd43bd6f8ecf6c9cdb4796d66e5947b9224a0ae8ecf465e69c35e4e2aabb29306d7b3da636

  • SSDEEP

    96:HgpYvev7KSUlCalOcU4pdeQsCqodeNAgZz/ZKyxdeejRG1D5tFLudbea9UYQIlFF:ApYvnCVczs73Qy7jA1DjFLudbeOegFF

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\Bv9ARM.ch05.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2344
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2344 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2808

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    7a34e7442d0d19b3ed0a4700e1a8bee4

    SHA1

    aa1e952c5b7f888eee2fede6f6994d59ec023fa2

    SHA256

    69d5f1914498a44f16776fd093d02ae65285c7cf07a9889539af3e83bff87c16

    SHA512

    991fe1ddf6104a0c1d1dd5cf1f42c899815a3ac6902a6b81fb5fb87a8834e524cdd8a171953860ce0ddf2dd2b54cccc417877734ac774f78b910a4284e0e9807

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    06e9d53c902b016fe2613552b00d9532

    SHA1

    504728f8f068aee6c5fb689490b70d73f06e04df

    SHA256

    67b6245166e7bcec9ccbd1a3ec3e7441f252f4289a7f553c3a0b8f98e61c19c7

    SHA512

    3eb1f310e21448336a8761805a11c7818ae18e683bbb579177ff967f7bb71c9fef4ab38bcf913e619dc11b906413a6022d04752e8a8208be7be20a593ea8e2fe

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    9f0df91cbacc86220275e38a5194dc44

    SHA1

    314e1401a1c91cb88cb2232d10c4bb45e146c112

    SHA256

    acbd4efae4a8760bab10faaffb7e57c237b44577387fb634a6a7286d6674187d

    SHA512

    9579c7a12f8b3ae9366cafb3edbb9dc2903a0fe4b26726ca988e70471b787113ff4a9f5929254f8d425c8d09cf7fd3adac060e0338ce5345bd758cc5178b1dde

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    15f2ce63d0f9c90b8e2dab06fe64160c

    SHA1

    d31a65c5a43d2b2d4646c7ab994a3fafdeb0d062

    SHA256

    3fb9f63c55a6877ea55462b356892c5e281146ae6e4138d087b5ec112feb063b

    SHA512

    ca096fcd0c7da90c8de25994eae03d22e4cddf37cf6bc5690a91f6db43e92e735bfd38f3984f83ce14bf1a11b05f7b09ece5de69620a90b3783e03ec68122f1b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    598bd1ba4800c35bc693ae1158c4e4e1

    SHA1

    819aa18fec24b52d25ebf8ab2b5c399b58cdca10

    SHA256

    67db68fa070938be72b9a0d966220946a5f3d5e47747ce2c46551ecbba281120

    SHA512

    927f6278334b0ed525532cdd0a35337d623012ddf47242da05fbc90ca3ea4b76332c5833597b45ccfca2ca7d61b50adb617fbd05d0318fa93915b39f1ecce0e3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    22c28270c91f569121f5e0c9bdc4e678

    SHA1

    bc566ba1381a33ebe9fb92dc62081b32c46dfb1e

    SHA256

    d0740af47472afb8bda18f86c36707721ffd4f0538bdf99827093b69a16ccfe3

    SHA512

    6ea896a53dc8dad6d1fe8cc74d969f57488817dd27897fd24e527bd067f7728228add7a07aaac628d8bd53634a1d54e5cdef5caab203478b96a1c3f35f17f2a7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    eb01c6c51f194f0a5ed898f380af403d

    SHA1

    ded421954d14b2ba4cbc2f0a57062e38e50fd37f

    SHA256

    169df445e8202ea6d1ec5b85c55eb438708aa8fb544233456ac68271d9ddc575

    SHA512

    555569336a7045ffa99165c0237aa6f883f18648695ea9db6332feecc3a36cc3c39833e4350f544b7960b2d991e398a25c30ec9332bf47513f77589678b5d4f9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ac0ad56979effbcb29e7028eea20a457

    SHA1

    d3df9dd9121c63af25aaef6f21b8fcc0145a2c53

    SHA256

    5973fbcb87d5a46f280f9591ab8cedc3ff50dd6f38a470c64e239c58d2429156

    SHA512

    a395d235471eccb0f3f7163310c03299984c4b3d8b2ddd34835876d5a0bae3017a27803ab8ae14975c31f691f2734306c24f36d1c3e12455b351ad8a46a6351b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    0aea6d7a036f0d8a7473cd6dc282ee37

    SHA1

    f2c6794bf20abfb6bcaeb1700f6c2b93d8055b80

    SHA256

    ea367615da2d9a0429c32414ace65bd549aaa099f09c385d9d2114859abe9de6

    SHA512

    5497e7034cd32ed13f603f5e021b98a31c17dbd2e32c287c1d11e207fad2d02a3b5b2315f8b4f9fe3c0e0b70f65cd00e34bc1b62ac165726dfe0a7855dd35316

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab1CC7.tmp
    Filesize

    61KB

    MD5

    f3441b8572aae8801c04f3060b550443

    SHA1

    4ef0a35436125d6821831ef36c28ffaf196cda15

    SHA256

    6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

    SHA512

    5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar1DD3.tmp
    Filesize

    163KB

    MD5

    9441737383d21192400eca82fda910ec

    SHA1

    725e0d606a4fc9ba44aa8ffde65bed15e65367e4

    SHA256

    bc3a6e84e41faeb57e7c21aa3b60c2a64777107009727c5b7c0ed8fe658909e5

    SHA512

    7608dd653a66cd364392a78d4711b48d1707768d36996e4d38871c6843b5714e1d7da4b4cc6db969e6000cfa182bcb74216ef6823d1063f036fc5c3413fb8dcf

    Download Submit