Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

1

Static

static

1

URLScan

urlscan

1

https://click.send.g...

windows10-2004-x64

1

Analysis

  • max time kernel
    104s
  • max time network
    131s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230220-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230220-enlocale:en-usos:windows10-2004-x64system
  • submitted
    19/03/2023, 15:23

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    https://click.send.grammarly.com/?qs=12812734fa45c845532e790f4a568b5e75f10439d08f0d1382a90b422bd57cec0a3cf5e16a2fba21d6a697825b475bded19195c9dbfd6e6cb7256e0a900ab50c

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 64 IoCs
    adwarespyware
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" https://click.send.grammarly.com/?qs=12812734fa45c845532e790f4a568b5e75f10439d08f0d1382a90b422bd57cec0a3cf5e16a2fba21d6a697825b475bded19195c9dbfd6e6cb7256e0a900ab50c
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2536
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2536 CREDAT:17410 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:3884

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\6BADA8974A10C4BD62CC921D13E43B18_1DC6D7385EA816C957BA2B715AC5C442
    Filesize

    1KB

    MD5

    8f272d427980d3d9f650ec692cba365e

    SHA1

    c711bb7c909d3ee0fb900b4232fb42b0511e845a

    SHA256

    246c4c5ab3a105a51324d54f975f6aa5446be6e632cbce59ae45ff9fb26e47ca

    SHA512

    ab462bde16468cdc832065ab62eefa5beb834c2b911337266a8a47b4c9b868f7c0a402f7f3ad16f0def59724aef95b461d9796741791bb2d1367680e7b646cf2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\7423F88C7F265F0DEFC08EA88C3BDE45_AA1E8580D4EBC816148CE81268683776
    Filesize

    471B

    MD5

    0f5b538d5aea8c0353e33439ea374707

    SHA1

    bb73d5dfcf6228376de2f5fbf01a8d93732a22f4

    SHA256

    0ecd5e7e82eaaac6a194121a40accdbc7e352365ac3db724da85337a3bd62648

    SHA512

    512f2c2fcdf2cd7be20511a041340b0a0c5cfd698453aec9b7da4e6f8786a11b6df8bc80b10a65290bcbcdcce549936b80b3773725e79eb045f43fcf56908800

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\6BADA8974A10C4BD62CC921D13E43B18_1DC6D7385EA816C957BA2B715AC5C442
    Filesize

    446B

    MD5

    6f2ec8d4c5fd9481163bc1b4c8a79b38

    SHA1

    207a737397fdacab49c12a6cfc9b04d07dd5e9ca

    SHA256

    15e372de55bb4ac63b83a9cec234a0c1fe0f2dd488d6c3c6e79702e0698a6b20

    SHA512

    76d904188318749a20eaff54daf2dc7c70735f6bd4236e95e8d4875eac17453a1994493850042e161f8f4e8b9930f0f4caac6ad966b1b3892bf1da2c40e1db3e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\7423F88C7F265F0DEFC08EA88C3BDE45_AA1E8580D4EBC816148CE81268683776
    Filesize

    404B

    MD5

    9463662e51548ddb48c24b11d59b0a01

    SHA1

    432e1e45549b521bf4e59a1b96906887a8c16bf5

    SHA256

    1f5f42cbbee659ecf217467de7bcd839b4b3f849335f1e666ff2d6a15fc207fd

    SHA512

    8d4e7a7bac5f00d18b6286307d6996fbe10d12ca845b69cb94760202b2ef06946077c4fa590ffaf5f8429181ccc3119e317f0e9f857d9dda1d5ed7d58bc2ecd5

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\S8D3G82U\www.grammarly[1].xml
    Filesize

    106B

    MD5

    868b66902c699db3eac446e4fdfcaa2f

    SHA1

    a8829fb7637a36ae0518ef15bd763578eaf30677

    SHA256

    1e492a0f2fa08c4a358562ea9eea6e98c9f353c3d45baf57373547c4393f88e3

    SHA512

    6806364d311bdfcf593b4315c962e1d32e56ec7c83fd774cc5e3f99385026e6b4fd3474776b2678b25ea46a3edc41819a607845b45689dc1d032ab64e87fbfa0

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\S8D3G82U\www.grammarly[1].xml
    Filesize

    609B

    MD5

    4f14390d8a73f102ffb4a553a863b96f

    SHA1

    24c56412471a26e2f4f276fcaedabfe527a21428

    SHA256

    88d707dbad2825f97ffbe2b47cbf50f0cf59204f603ff6a72229f4991fdc1a81

    SHA512

    539659b64757aa92685d955a067c34dba3f3d5facd6ca5092779a26487c30aa455919f03cf23b114d95ed1c1bb4dfa0041f478034f8f7c1953edf822a7bf5795

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\S8D3G82U\www.grammarly[1].xml
    Filesize

    609B

    MD5

    4f14390d8a73f102ffb4a553a863b96f

    SHA1

    24c56412471a26e2f4f276fcaedabfe527a21428

    SHA256

    88d707dbad2825f97ffbe2b47cbf50f0cf59204f603ff6a72229f4991fdc1a81

    SHA512

    539659b64757aa92685d955a067c34dba3f3d5facd6ca5092779a26487c30aa455919f03cf23b114d95ed1c1bb4dfa0041f478034f8f7c1953edf822a7bf5795

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\S8D3G82U\www.grammarly[1].xml
    Filesize

    1KB

    MD5

    67679e86733f41068aa427619491c261

    SHA1

    87d47c2fa7a059d6f84b69009e689148fd0ab2f9

    SHA256

    670b99b59be79c4d75123c1136bdda7e93b5a6d8c7b8ce221ea02c24404911b5

    SHA512

    a1a984be9eea7e064526e1cddca842943abed807c50c94fd4666a5a87b96dc7ebddcc6f76900dd7f40936e5d7501c492e92ff361f31362db9c70caec84055250

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\S8D3G82U\www.grammarly[1].xml
    Filesize

    1KB

    MD5

    a8ab685f02f8ced2b21ff29538d6e2c1

    SHA1

    86509c19a6f2ed5cd318a11d2d52660de5ffd8ef

    SHA256

    48d61c436a27a680ec70cd84bc961cf64b27efea4fd3b19db8a39cb0db9097a3

    SHA512

    152f7afbe2d6e0e72747c9f94f8b2aa14821fe395a53054838fb03295189c1d51c7ee8b0664173524fc21f0fd1e761ad289e8441176c5001ce63bd48abd99ae3

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\S8D3G82U\www.grammarly[1].xml
    Filesize

    1KB

    MD5

    a10865b5baba6143d8b5fe710db5488c

    SHA1

    8182f4343a93bbf29ad08178e884aa9b3b09baf6

    SHA256

    4d8b3d903a75525484d499ec01f6d7b4ff8afa9534a6f70ad455d102c15c37c0

    SHA512

    8467ec320baf46f520deb73d0456fe2fc71ce333a828a3d111d59769631abffe1ec9d6959618f40b3099ddb68d54cbf57379660aff0a8025e56bc44f14e5697b

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\S8D3G82U\www.grammarly[1].xml
    Filesize

    1KB

    MD5

    7eea44ad08e548ac6e94ddaa271274f2

    SHA1

    c40c348ec2ecd5178a7427c204274df902fc29da

    SHA256

    82dee0bfa68bd508ec0721b74edc1ad092bccfbabd3eabff6a4077655fb7bc17

    SHA512

    04359a0bfe5fa5361cc124004753ef6398ca406f244ef5a29e33c8be3a4e55bcdd5ac88ae21037fa0571f82165c517cbd99defb6f2fa4b04eafc4762da17f732

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\S8D3G82U\www.grammarly[1].xml
    Filesize

    1KB

    MD5

    a38c27e7715addaaece20896ff1aef3d

    SHA1

    2e906ccb0c71524fa061cf34a8a87c760c1c8989

    SHA256

    0a9457de3e0f88485d550996bc6529cb012c4eb9ac438843a64d8e3dd8774c74

    SHA512

    762d244e134bb08e831ca9a62b348673602c8fd95f1580803fac1b054d8dc12a533302d3b574fd589e35c824273921a3199b03ec53f7208a343af9a2f8b2f834

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\S8D3G82U\www.grammarly[1].xml
    Filesize

    1KB

    MD5

    62769733d066f75bf4caa0a0f85a51af

    SHA1

    53201d339baeaf4be9cec73b6d623e6490fa8112

    SHA256

    0f1b52f82b2d9f5300f28310690be30848306a41d1e26a34305b2cc4eee38b4b

    SHA512

    22f9ff59c46d85e6b0a9f1e342b6bdc4af5a84b051033f795c83eaa24d5e7df064c6d9a697c855cba4d48a0daeb6745308b9d984d4390ec53faab43ac6aea817

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\S8D3G82U\www.grammarly[1].xml
    Filesize

    1KB

    MD5

    8100bbd04fd5f2cd18af9dfcee5a693a

    SHA1

    ab476e2e74a12525f4ae4a135fd2714bad80a56c

    SHA256

    cb97b91b08b9363c6b252e1c8a15441c27a6410e57019651117212be152362cd

    SHA512

    c856fa79bec23c007660bf2bc5de7685f9f743188b103e69db3bc560a34dcf071484465450179609de250ea2c67d548cfd11f122519a7b2aeaf03fd21a7e31d4

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\S8D3G82U\www.grammarly[1].xml
    Filesize

    1KB

    MD5

    c21528f7ca893b4de49175dc659edcde

    SHA1

    f46e2ccd88b219a63cc626550aa5309bbf5fe61a

    SHA256

    e428135f08c4fb09260af0c3f1ddf63493bba1b3da7c35b1c0db7576672cd446

    SHA512

    a55c70f1b1da91a40826884a2ec040bfe5d3d1d18e80152ee9830af9a0fbdcade8400e2710778b03a27b630d5f4b862f4b8f4de2348753971e84e45c3b3f80f6

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\S8D3G82U\www.grammarly[1].xml
    Filesize

    1KB

    MD5

    67d7c77681aa75d3760423a9abcb7541

    SHA1

    3e992b544749f9b9ed8c1fd5b32902fab5bc9d66

    SHA256

    a39ed801a8ab48c24de3e62c59ff7e1b98a03260cde32cccd2e21f31c6787451

    SHA512

    3dbd937b96f0b604e4b121efacd4548495d311cb4105ceae45df913e087f0b967723d619f3e12fc3a8ab28572df3b1d862bc9cafd8d9969bbd22f6e673d7f1eb

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\S8D3G82U\www.grammarly[1].xml
    Filesize

    1KB

    MD5

    24edb688fa9991a13284d4b956fff590

    SHA1

    b1d8f0cfe0c8b7b2b80724c2633436e04f56d92b

    SHA256

    e129395106818843a01c8beb485313e2af87931e11eb0de161256295b389704d

    SHA512

    f5afca9cdfa786228295178f588b04bd1bef054e11bdb2ca2ce1bed6023024e4348a0172406969765ee305f374d0fb5f9fdb3b8f1f0faf14880e4e33f950a617

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\S8D3G82U\www.grammarly[1].xml
    Filesize

    1KB

    MD5

    e47a3fddab2e20b61a17788670699619

    SHA1

    adcf9edbb197dd98e51209583de51a48c52411db

    SHA256

    27661896c3a78cdd9051bcb6b9810123de146ab05e20e34a9e64629fca5c4d72

    SHA512

    2a3d1f3613cde70e15e0b4888c2287e61b8a8fa2bfb431a3539ac3def255149efc64862f2a96f86f581e1c000496979b359d528fdca7bc825007c41a87152861

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\S8D3G82U\www.grammarly[1].xml
    Filesize

    1KB

    MD5

    10b989d84363c5e7fc391533e50f4cd9

    SHA1

    33eddddb2ef7e53fe5dfb6633b767490af16e578

    SHA256

    2f1111b9f37034489a4f4a6c728e7807196130a84c7ead0ab6eb88849f734c8b

    SHA512

    e3932d00942629559456719caa2d0d35d66179a0caac3f72614d0e849aa61ded987954018d859fd02f7d1a0e3ad9481835380046a273eb5159d997229f6a07f9

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\S8D3G82U\www.grammarly[1].xml
    Filesize

    1KB

    MD5

    10b989d84363c5e7fc391533e50f4cd9

    SHA1

    33eddddb2ef7e53fe5dfb6633b767490af16e578

    SHA256

    2f1111b9f37034489a4f4a6c728e7807196130a84c7ead0ab6eb88849f734c8b

    SHA512

    e3932d00942629559456719caa2d0d35d66179a0caac3f72614d0e849aa61ded987954018d859fd02f7d1a0e3ad9481835380046a273eb5159d997229f6a07f9

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\phzg4yt\imagestore.dat
    Filesize

    632B

    MD5

    7e8b0a793cf8a19514f78388dee52b98

    SHA1

    5cc73824c48adafd74343475f896564c051dfb17

    SHA256

    07bf399731e1c9118d9c2a2c8a824eb653b527f400a246f23e07179792792e02

    SHA512

    9ec8aa65acc5f1ed80fe8f3466ba4f046ecb613c1429c0326c68e708655e64352aeb68075e95271522403a522d02364100ac5ee98b8ef5a8b1c794cd296c37ae

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\39K1WZBJ\generic[1].gif
    Filesize

    70B

    MD5

    58a7930cd4577fc33c35828c271eab8f

    SHA1

    406e57f86dc101e10f3a57be1e2f7b93c4580474

    SHA256

    8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

    SHA512

    f7a5f748f4c0d3096a3ca972886fe9a9dff5dce7792779ec6ffc42fa880b3815e2e4c3bdea452352f3844b81864c9bfb7861f66ac961cfa66cb9cb4febe568e8

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\39K1WZBJ\suggestions[1].en-US
    Filesize

    17KB

    MD5

    5a34cb996293fde2cb7a4ac89587393a

    SHA1

    3c96c993500690d1a77873cd62bc639b3a10653f

    SHA256

    c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

    SHA512

    e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\4VT6R2QM\universal_pixel.1.1.0[1].js
    Filesize

    487B

    MD5

    f0a7a3296da7382ce6bc1a3b6769e927

    SHA1

    f0db0ddd981f6cf6340451ea533a45852fcfae6f

    SHA256

    f6d7e9dafd1ec463ecd0c6b20f170400dd15afe81c71dea50771550df2f83ffc

    SHA512

    f7ccb8b28c1fd6535f1dfeaf80abfbe384b2e99b6749027abd211870bb9822a55f179d629463f90bea52c7e189d1281ad62de7418eb936a000a26604fad3abab

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\EY3KXMB3\favicon-16x16[1].png
    Filesize

    402B

    MD5

    2340c99e5888c621067307ab254ae533

    SHA1

    88689ead0a6a37314312c7eb7f1eb2a71c50b76e

    SHA256

    66f23b8274c50c3311e814b31d0386816937b904f53783191d84d02cf55ea7a4

    SHA512

    f2229477198d4c38399cdf182c377e679f53fecdb3b46d27c745216faee16930d81b420aa4fdeb9282bff86ba3088951f7269c39fa67897246f8786365b315df

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\EY3KXMB3\up_loader.1.1.0[1].js
    Filesize

    4KB

    MD5

    98d98b3499058b76d58073cf8ede2f10

    SHA1

    2ec5bc839a187c2a4d93499567e8fff091a6bcc4

    SHA256

    ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9

    SHA512

    dc185d5287645b2d8578fad706446fc337db7a34ddff4ce2a473fc09ec4b85cb13ade474edcdc8c973e4e407853a6fcfbbdcb4e58e5376e37f173150bcd1d066

    Download Submit