Overview

overview

1

Static

static

URLScan

urlscan

1

http://line.me/R/ti/...

windows7-x64

1

http://line.me/R/ti/...

windows10-2004-x64

1

Analysis

  • max time kernel
    195s
  • max time network
    219s
  • platform
    windows7_x64
  • resource
    win7-20221111-en
  • resource tags

    arch:x64arch:x86image:win7-20221111-enlocale:en-usos:windows7-x64system
  • submitted
    30/12/2022, 00:53

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    http://line.me/R/ti/p/%40jsb3813i

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 38 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" http://line.me/R/ti/p/%40jsb3813i
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1640
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1640 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:316

Network

        MITRE ATT&CK Enterprise v6

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
          Filesize

          61KB

          MD5

          fc4666cbca561e864e7fdf883a9e6661

          SHA1

          2f8d6094c7a34bf12ea0bbf0d51ee9c5bb7939a5

          SHA256

          10f3deb6c452d749a7451b5d065f4c0449737e5ee8a44f4d15844b503141e65b

          SHA512

          c71f54b571e01f247f072be4bbebdf5d8410b67eb79a61e7e0d9853fe857ab9bd12f53e6af3394b935560178107291fc4be351b27deb388eba90ba949633d57d

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          2c24ebf260a6d4d3187ff74fb8e72659

          SHA1

          b3867cf75017cf55ae10bf833c28d2653534c1ec

          SHA256

          e435b9e6f1a86d33fab37cac21928284472536b204f8f5db5714b547489242a0

          SHA512

          422b87ba45c32878a0d42b49b51b30f8f4b53daf2e311643019bf823276c187357042ac80890f0f4493c5f066de88b085fd076355f702f0b559392266d4e1b95

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          cc506da3aa672b5d03cafbf14a20dae5

          SHA1

          9a163d1ef3456c99e7ee0d4d7ffde85bccb82979

          SHA256

          efd7a47fbc44f1158238bc9b6866a0313d0da488bb89b06124cdff488bbc8808

          SHA512

          863506132013756f2f19cba11eac5b12a8593cdf8fc2056ac3294b770fb40f2e0af10bcfcfecfd945ae01db77ebfeba686895b28ec133b79bf98fbaeaab847fc

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          05f2aa9dd5fba2f54ecd1eb71af63265

          SHA1

          b082adf8527be7cc6a2ce3998f7ad943cd781337

          SHA256

          c51dcc063c5185a5a5bb078220c09ecbfca48db51365666f9463cfe1d5727ca7

          SHA512

          f09a335433b2308a32f6efa5a65934d25edfcf75034fcdb0d569442433fef2e4d5375dc6cd982a951daf02d3a1257dd0669dace4bb471a352efd41882bb833b9

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          7826a7efaaac068ff75e899d84f95cb6

          SHA1

          fab289055543f620726318e179ed44507ab08dd5

          SHA256

          31b18facb61d29ef31d2e5552209df415a41a685fd5493b932ee249dafadf2ee

          SHA512

          2886e519b405a30442208291d71d9efe473d226f2d2d17a0e5d55859c2418c5d9fd3a36e8fe1d8723ed36ff40e4b6e382aa74ea5558a8a0502de9e0d4c2464d7

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          611804108d00e9ba4276ec8f0572e30a

          SHA1

          c7c6f7dfd4f5f2c18ef1dfc9fa0f9bafb608c5bb

          SHA256

          3d237334f24802db361ba8d5bec2168975193cf289cca3cd9dc598f99d6a6e78

          SHA512

          ab40ddad99011a275ed381a8fbdee1a4e9272c143240e72863798d5d9448b280b695c2f2ef3e3d7bccc8b1faaa6b8174d37557d51b18ee12bbef60347bc8ac0c

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          43cdc26881011036005cc4f40e033d48

          SHA1

          662790c0a45ffe916b7dd6c56b1a24e66da1e9fb

          SHA256

          011d31cd8455c3394898b52e4519214d8c2b24ca48adf66e15a5ac157b5cc361

          SHA512

          4195b8aa42bcb84ac97fa34b20b34eb9384065bdac323a9955187889dc63ce4439e07ced5d79308ea6d73c96195f7a29c4d2192fc352759bf7c33464d288f906

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          755fb8d0f05c668cccc0b9f806aa6693

          SHA1

          ed75b80b973e62694bb5fd20207031e1872d4453

          SHA256

          6d276a511b639a7656d907dfe781921bf9705078ee8aa0d53a159359e63b836a

          SHA512

          dd5afc5c5f2ae0a002c308fc4a7e81f796eeeafe73c8416a2410f204fa71cd809de1f8e5ab0ad83a21f56b89598d4e309319e6eacba1d614216c7b26cff7d081

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          1e105fdfa6426170aae20e401d06c1e5

          SHA1

          dd74311c463f5eb487e80a06824d1f321902c319

          SHA256

          c7d46b7dfeccc25905d0c750df635cd813f3852360eaf89d14df3b6b83a4a443

          SHA512

          5743640886e0c046c6f15ac19ef32ebed0f43719ec75b9b73e239ad09bb56c98bf9792df83e349ddb37c010138d178c045b3204f1dbde36122ca24cbd7ce77af

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          d1d00f8505768e6deb015e07fbc1c99b

          SHA1

          0b69c28dacf0d03e9086be13bac3946c27f160f4

          SHA256

          6e9f3a3975fbb4dcc06c59e7de5358b67a8d077e7dd94f2cf3890fe3b5a521e1

          SHA512

          fe0810abda8568f64957400faa0a70a3ca387605e5c2c8671bd5de1f5e761d24aa48d76cee335339224c729718f4b2ce7321825ca6cae9def350ad9f78a51226

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          ca2733b592d027e52cd0678dd0941b2a

          SHA1

          39254f90095600fd71e1ce8f494eb7f5b9b58e5a

          SHA256

          1da2ad5671c1286523de1474c55cb57611bed0caf2b54cb54147fd364be52e5e

          SHA512

          ad04ebd88133d2ec6a5044c9d88671aeeadb8c41e756d070009cf202df221b518e90d8c3919e4463004552a5f0117de5e6709cbe210acafb6e146e4a5ee2a286

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          bf38c0ca50e1cd5b2288e1401511046a

          SHA1

          d1db48f821359fcf89c52d10a5112f036e1e778f

          SHA256

          614d182afc54d438805f27e3e524b38c99811ec1f6ba7d61644cf59c9eb607f0

          SHA512

          204f00f700f22297a3e558e38baff2333799da40d5ca05bdc4e478649998ec4e61eab48a59ab1fea3e95c2f7706b30bd34dfb06877ffab530ab27e0bdbb1f214

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          2aa50fa4339db9df7fe04ba03af5ebe6

          SHA1

          fd4311a41460bcdd151e21da17ba9d6538ea7f30

          SHA256

          88c31ae2ed48ce40cddd45e642926763d9933a925aad46605c5a0a372e0a02e7

          SHA512

          e35abc3143f0bff27841d3531e9a31d17d686237e1cb97c80e73dce6d1277b88073734291ba2e58fa6efcc3cbbc7ccc694fbf8bc5832477d2212835957e59eed

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          3fc52da67103377d9e7faba899bd4cff

          SHA1

          c099d78b7010f9218a0cc5287f3d98b2bd9f62aa

          SHA256

          9ee651142d1fc3d5b74161d3b8e015dc0497d629586eb7fb7a13229f7c562f6d

          SHA512

          08d5142ca4a2e1022e4bfbc73a8e6bc654927cd786dba904dc02db90f3354c61476adac6ab9a1e268088ef6d9f98bb9557a9741d3d127faa11d433589a79db1a

          Download Submit

        • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\YMHXKGK8.txt
          Filesize

          608B

          MD5

          1354bb1ace7e6b3a8fe3cb8e4ec9ac34

          SHA1

          66ca103fa86c25cfe56a59bd933e291219173903

          SHA256

          c64bc4eeb56c856c75e85115d1a1a123783e17d03cefa02cb196e2f28e4d7b78

          SHA512

          3ffcfb1479388643c3fe9f683688882c99889a116b9094e1461068e526751d69cfba4d73bb2265ea0ecb4de411c0b247072736fd180fa987aafd951473433ff7

          Download Submit