Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

1

Static

static

URLScan

urlscan

1

http://line.me/R/ti/...

windows7-x64

1

http://line.me/R/ti/...

windows10-2004-x64

1

Analysis

  • max time kernel
    195s
  • max time network
    219s
  • platform
    windows7_x64
  • resource
    win7-20221111-en
  • resource tags

    arch:x64arch:x86image:win7-20221111-enlocale:en-usos:windows7-x64system
  • submitted
    30/12/2022, 00:53

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    http://line.me/R/ti/p/%40jsb3813i

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 38 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" http://line.me/R/ti/p/%40jsb3813i
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1640
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1640 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:316

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    61KB

    MD5

    fc4666cbca561e864e7fdf883a9e6661

    SHA1

    2f8d6094c7a34bf12ea0bbf0d51ee9c5bb7939a5

    SHA256

    10f3deb6c452d749a7451b5d065f4c0449737e5ee8a44f4d15844b503141e65b

    SHA512

    c71f54b571e01f247f072be4bbebdf5d8410b67eb79a61e7e0d9853fe857ab9bd12f53e6af3394b935560178107291fc4be351b27deb388eba90ba949633d57d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2c24ebf260a6d4d3187ff74fb8e72659

    SHA1

    b3867cf75017cf55ae10bf833c28d2653534c1ec

    SHA256

    e435b9e6f1a86d33fab37cac21928284472536b204f8f5db5714b547489242a0

    SHA512

    422b87ba45c32878a0d42b49b51b30f8f4b53daf2e311643019bf823276c187357042ac80890f0f4493c5f066de88b085fd076355f702f0b559392266d4e1b95

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    cc506da3aa672b5d03cafbf14a20dae5

    SHA1

    9a163d1ef3456c99e7ee0d4d7ffde85bccb82979

    SHA256

    efd7a47fbc44f1158238bc9b6866a0313d0da488bb89b06124cdff488bbc8808

    SHA512

    863506132013756f2f19cba11eac5b12a8593cdf8fc2056ac3294b770fb40f2e0af10bcfcfecfd945ae01db77ebfeba686895b28ec133b79bf98fbaeaab847fc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    05f2aa9dd5fba2f54ecd1eb71af63265

    SHA1

    b082adf8527be7cc6a2ce3998f7ad943cd781337

    SHA256

    c51dcc063c5185a5a5bb078220c09ecbfca48db51365666f9463cfe1d5727ca7

    SHA512

    f09a335433b2308a32f6efa5a65934d25edfcf75034fcdb0d569442433fef2e4d5375dc6cd982a951daf02d3a1257dd0669dace4bb471a352efd41882bb833b9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7826a7efaaac068ff75e899d84f95cb6

    SHA1

    fab289055543f620726318e179ed44507ab08dd5

    SHA256

    31b18facb61d29ef31d2e5552209df415a41a685fd5493b932ee249dafadf2ee

    SHA512

    2886e519b405a30442208291d71d9efe473d226f2d2d17a0e5d55859c2418c5d9fd3a36e8fe1d8723ed36ff40e4b6e382aa74ea5558a8a0502de9e0d4c2464d7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    611804108d00e9ba4276ec8f0572e30a

    SHA1

    c7c6f7dfd4f5f2c18ef1dfc9fa0f9bafb608c5bb

    SHA256

    3d237334f24802db361ba8d5bec2168975193cf289cca3cd9dc598f99d6a6e78

    SHA512

    ab40ddad99011a275ed381a8fbdee1a4e9272c143240e72863798d5d9448b280b695c2f2ef3e3d7bccc8b1faaa6b8174d37557d51b18ee12bbef60347bc8ac0c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    43cdc26881011036005cc4f40e033d48

    SHA1

    662790c0a45ffe916b7dd6c56b1a24e66da1e9fb

    SHA256

    011d31cd8455c3394898b52e4519214d8c2b24ca48adf66e15a5ac157b5cc361

    SHA512

    4195b8aa42bcb84ac97fa34b20b34eb9384065bdac323a9955187889dc63ce4439e07ced5d79308ea6d73c96195f7a29c4d2192fc352759bf7c33464d288f906

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    755fb8d0f05c668cccc0b9f806aa6693

    SHA1

    ed75b80b973e62694bb5fd20207031e1872d4453

    SHA256

    6d276a511b639a7656d907dfe781921bf9705078ee8aa0d53a159359e63b836a

    SHA512

    dd5afc5c5f2ae0a002c308fc4a7e81f796eeeafe73c8416a2410f204fa71cd809de1f8e5ab0ad83a21f56b89598d4e309319e6eacba1d614216c7b26cff7d081

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1e105fdfa6426170aae20e401d06c1e5

    SHA1

    dd74311c463f5eb487e80a06824d1f321902c319

    SHA256

    c7d46b7dfeccc25905d0c750df635cd813f3852360eaf89d14df3b6b83a4a443

    SHA512

    5743640886e0c046c6f15ac19ef32ebed0f43719ec75b9b73e239ad09bb56c98bf9792df83e349ddb37c010138d178c045b3204f1dbde36122ca24cbd7ce77af

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d1d00f8505768e6deb015e07fbc1c99b

    SHA1

    0b69c28dacf0d03e9086be13bac3946c27f160f4

    SHA256

    6e9f3a3975fbb4dcc06c59e7de5358b67a8d077e7dd94f2cf3890fe3b5a521e1

    SHA512

    fe0810abda8568f64957400faa0a70a3ca387605e5c2c8671bd5de1f5e761d24aa48d76cee335339224c729718f4b2ce7321825ca6cae9def350ad9f78a51226

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ca2733b592d027e52cd0678dd0941b2a

    SHA1

    39254f90095600fd71e1ce8f494eb7f5b9b58e5a

    SHA256

    1da2ad5671c1286523de1474c55cb57611bed0caf2b54cb54147fd364be52e5e

    SHA512

    ad04ebd88133d2ec6a5044c9d88671aeeadb8c41e756d070009cf202df221b518e90d8c3919e4463004552a5f0117de5e6709cbe210acafb6e146e4a5ee2a286

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    bf38c0ca50e1cd5b2288e1401511046a

    SHA1

    d1db48f821359fcf89c52d10a5112f036e1e778f

    SHA256

    614d182afc54d438805f27e3e524b38c99811ec1f6ba7d61644cf59c9eb607f0

    SHA512

    204f00f700f22297a3e558e38baff2333799da40d5ca05bdc4e478649998ec4e61eab48a59ab1fea3e95c2f7706b30bd34dfb06877ffab530ab27e0bdbb1f214

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2aa50fa4339db9df7fe04ba03af5ebe6

    SHA1

    fd4311a41460bcdd151e21da17ba9d6538ea7f30

    SHA256

    88c31ae2ed48ce40cddd45e642926763d9933a925aad46605c5a0a372e0a02e7

    SHA512

    e35abc3143f0bff27841d3531e9a31d17d686237e1cb97c80e73dce6d1277b88073734291ba2e58fa6efcc3cbbc7ccc694fbf8bc5832477d2212835957e59eed

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3fc52da67103377d9e7faba899bd4cff

    SHA1

    c099d78b7010f9218a0cc5287f3d98b2bd9f62aa

    SHA256

    9ee651142d1fc3d5b74161d3b8e015dc0497d629586eb7fb7a13229f7c562f6d

    SHA512

    08d5142ca4a2e1022e4bfbc73a8e6bc654927cd786dba904dc02db90f3354c61476adac6ab9a1e268088ef6d9f98bb9557a9741d3d127faa11d433589a79db1a

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\YMHXKGK8.txt
    Filesize

    608B

    MD5

    1354bb1ace7e6b3a8fe3cb8e4ec9ac34

    SHA1

    66ca103fa86c25cfe56a59bd933e291219173903

    SHA256

    c64bc4eeb56c856c75e85115d1a1a123783e17d03cefa02cb196e2f28e4d7b78

    SHA512

    3ffcfb1479388643c3fe9f683688882c99889a116b9094e1461068e526751d69cfba4d73bb2265ea0ecb4de411c0b247072736fd180fa987aafd951473433ff7

    Download Submit