Overview

overview

1

Static

static

1

ChangeHope...er.vbs

windows7-x64

1

ChangeHope...er.vbs

windows10-2004-x64

1

ChangeHope...in.vbs

windows7-x64

1

ChangeHope...in.vbs

windows10-2004-x64

1

ChangeHope...er.vbs

windows7-x64

1

ChangeHope...er.vbs

windows10-2004-x64

1

ChangeHope...og.vbs

windows7-x64

1

ChangeHope...og.vbs

windows10-2004-x64

1

ChangeHope...ot.htm

windows7-x64

1

ChangeHope...ot.htm

windows10-2004-x64

1

ChangeHope...js.htm

windows7-x64

1

ChangeHope...js.htm

windows10-2004-x64

1

ChangeHope...nt.htm

windows7-x64

1

ChangeHope...nt.htm

windows10-2004-x64

1

ChangeHope...js.htm

windows7-x64

1

ChangeHope...js.htm

windows10-2004-x64

1

ChangeHope...ks.htm

windows7-x64

1

ChangeHope...ks.htm

windows10-2004-x64

1

ChangeHope...js.htm

windows7-x64

1

ChangeHope...js.htm

windows10-2004-x64

1

ChangeHope...op.htm

windows7-x64

1

ChangeHope...op.htm

windows10-2004-x64

1

ChangeHope...js.htm

windows7-x64

1

ChangeHope...js.htm

windows10-2004-x64

1

ChangeHope...ad.vbs

windows7-x64

1

ChangeHope...ad.vbs

windows10-2004-x64

1

ChangeHope...in.vbs

windows7-x64

1

ChangeHope...in.vbs

windows10-2004-x64

1

ChangeHope...in.vbs

windows7-x64

1

ChangeHope...in.vbs

windows10-2004-x64

1

ChangeHope...in.vbs

windows7-x64

1

ChangeHope...in.vbs

windows10-2004-x64

1

Analysis

  • max time kernel
    140s
  • max time network
    144s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    15-01-2024 18:05

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    ChangeHope_B2B_Free_V2.3/ChangeHope_B2B_Free_V2.3/Blog/ad/ad_userlinks.htm

  • Size

    1B

  • MD5

    7215ee9c7d9dc229d2921a40e899ec5f

  • SHA1

    b858cb282617fb0956d960215c8e84d1ccf909c6

  • SHA256

    36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

  • SHA512

    f90ddd77e400dfe6a3fcf479b00b1ee29e7015c5bb8cd70f5f15b4886cc339275ff553fc8a053f8ddc7324f45168cffaf81f8c3ac93996f6536eef38e5e40768

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\ChangeHope_B2B_Free_V2.3\ChangeHope_B2B_Free_V2.3\Blog\ad\ad_userlinks.htm
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2336
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2336 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2372

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    6a36be84254dc7a5e2d4c02841c2d730

    SHA1

    d7cec1fbd054690ec29f1e7144585bee034be9aa

    SHA256

    6d1f20ada82cff773bf8567539d5289490aad8f3ab5252f069e3e63dff7a7d7e

    SHA512

    9be2c0b5feac4129090c8a0d0cd05a0e9997d9d787574a15c126aef7fed7def70c1a0590ed64bc370618706d1b8321bb6e7c2bb710acff8a6869a3c654a9a0d5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    3573aed5576b257463709dc51136d643

    SHA1

    adfaa4aa8c0da7734429ac1fb7d6682315d01d42

    SHA256

    3db3fa4a7abbb95c5bd64169d00806618c1ed45ed3481a056049aab731cb0bd0

    SHA512

    4b04f6034c15d43564e1f36c43289f5f4a70c60f2a56ad0f19883a03dcb069bf903c5e403e17ed2789c9cc33ff26f03bd84e76c979bee81655ceac1a12760a25

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    2956629f09aacee14586bf008741d9db

    SHA1

    11b914ad836169d583438d3c15bd8ebb5a3b5c13

    SHA256

    d72cd08fc6170d3edd0d6fdfbcdabd02ac51905b3d29f6ab21f8d3b7342c0874

    SHA512

    6681efcd4e3f91846a08c0b7249ccc95e3638fc9a06f6308aacc265aca65419b292b70173c8d03a326c89a87a668a026dbfbe24a2815b5a067cc5d8ac83d66c0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    44cb94e51ca90b12fbef2cb7d6995d96

    SHA1

    dc5757e7feac8a7bb9cd16fac845faa2d18cfe3a

    SHA256

    176d6e88c4ecf23669af8f5c6a4dd7f3a2c9e4b6f31c8cce34e0cdd564dc88ae

    SHA512

    3920ad5d8369b7cde00f3182608c08ab21ab1df7d08f643311144568238a8d2ae6ce8098c0e57ae20da5b74014c85fd7b189a7b976304497e41901fc83d63702

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    9cedaad63a01e5a738a0dc2b2b99944c

    SHA1

    757e68b72887f200e7d4f99c17d2130ecd4f1930

    SHA256

    ef65b759bb0d046587432be708542d3dc481428b5ad21858a244dc1c9bb60585

    SHA512

    84b3a9416d417007130c9860f068c800090cca79f8ffb3842b8468a4d7521f79526243eae7cd6c14375688e6235cca0be4b65c3cfd7d5e523d7487fabaa397d6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1952f6bc5fe7be4ef15d741a25c0ca9c

    SHA1

    73bee0376c23e100c01a68111c52e55804775f54

    SHA256

    5d6720a57cb3bc15222cddd297b74f06d294efb678a04401f76a571fe2d87d0d

    SHA512

    6c692ac615553deb3c19ebe30e12a5ca081434a40f2685887366756112cee3b8c5029ee0ef7529ff47830dcd67b3968efb7fe1375fd325a6acb30bffdad6c2fc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    3a8286ae7e0b7f0de621e79960b03690

    SHA1

    feb9cfdfa68f1849e25e4ec0ac65d0e49b379894

    SHA256

    7aa9a31c9e20a47774fd6aff284dabc03c275ef591e9ee9ea09a1718c706de01

    SHA512

    8c9f60332da2239a99fc4474ff196b7dbd6f8ccbc89801347992342ec895188fbeebedfe6b6fbe040d7fb42d6ec1728413c43ab224ef6faf888056a83042a07e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1e0ac050cdf5285c2fb14be26e43b38c

    SHA1

    86addf78c9e1d1f0b40fd5e74bd0e00b8aa00403

    SHA256

    d60e1f6bb8338cda129ddd69271832e9081f56185931a3098b71243bd92c8931

    SHA512

    de9d4f7142c0ea7f55899458a3bc94dfa06c4bd6f6694f0ea41b858c42f0cdf28692fbcfc4a83396935a6a62ac7e2487892ff386b1a1dd44290a98026633a699

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    291c28ec00658fee68a3dbfba60c5e36

    SHA1

    60fced024684691a50f7c028ea0947af3dc13151

    SHA256

    7cc57a9874d9b1ec1ec0a7994cc2594be139a4a20e952c6e08fb9114074a0d85

    SHA512

    83fe84faba656852783c51b867493ae2001ad2175624f4fefc68dccd6808d51e8dfec52673cc898d823df88cfcc2f29453ab0487b5e4215c11af218767c4e84e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b9f02c4aaa2041a4aa082345030153c5

    SHA1

    7421e21c6d2b86b6a019f71005498b029a13b637

    SHA256

    6a3ae543a5ae350bfb4092cd256efc92919c961c86adfe27e359d0d9d723decf

    SHA512

    9e1b0c8b4c7425774a21d353c4fb78a65a6b40ee7c59e8c4b86da2eee610abd83c92688f270fe53402dcf0cda10ef35aec5118c1b74bfdce6d7b57969d712f09

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    6e210fcbcc4be1cd99c86bb06bb00d83

    SHA1

    33a6d7ebebba42cea99d961c5dc0a4a48b2dba9a

    SHA256

    d0c5a66c1927e15b76bd003d76275dea5a8ac0a6b6e88319fb61c726d7a5b304

    SHA512

    916a9550ceb271db4793baacc6742baaf1e21fdf75d9bb9c0e1269e56a11a3283c436c49f7b2b50927a72ad428c530bda7765c7d3eddc4447add25e50c451f41

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c27c5e82680c2ac397b34863a47c499a

    SHA1

    dad6cb2aa9d03a13f34c8f5f3daff758c2ccfe1d

    SHA256

    e8e8bfbda08bd9042e8412ca830e647b4194e73d3a87cbee66e4a9dc51509965

    SHA512

    35c534ad0fdfd9f02a7dbb44dea9abeaa51f11a4b328ccea32b4f76db71bd18859652530659fea7efe10df69a3c5aad5336aaf3392a24321af3daefe932363ab

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    4848812c9d5d99e740ec9655390173f6

    SHA1

    174488543b54a4335b09645dc470e16fe13185f0

    SHA256

    6f0d294ee2c735f93f31b5715af320f4bb4bdac82ea2d4d7a8fcdda456afedc8

    SHA512

    7692dd1fdc4e440e3e40d46f6df26e2e276789906c3f063856d5ab76c1d900f5a108c9b2f472062985171c1fbc6807f2ad027122231e362b7d38c1c2af62daf8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f70a08354a6e82f6ebb62a37e79ec0af

    SHA1

    61c6517b65278442161e0d5931acb6cb055452f4

    SHA256

    28cdb59bbc0299fceb764cdf6f89dca1c73cef6f986b85d8dff2c81eaeeda7b9

    SHA512

    a1b1f267a876297b357820443f5c633c67193644bc36e3092d537f9d70ed27ecbd3794de80035bd6264422851d3e801266bdebeee997418a8e79fdc2417fc8ba

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab89CC.tmp
    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar8A6B.tmp
    Filesize

    171KB

    MD5

    9c0c641c06238516f27941aa1166d427

    SHA1

    64cd549fb8cf014fcd9312aa7a5b023847b6c977

    SHA256

    4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f

    SHA512

    936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06

    Download Submit