Overview

overview

1

Static

static

URLScan

urlscan

https://www.youtube....

windows7-x64

1

https://www.youtube....

windows10-2004-x64

1

Analysis

  • max time kernel
    66s
  • max time network
    133s
  • platform
    windows7_x64
  • resource
    win7-20220901-en
  • resource tags

    arch:x64arch:x86image:win7-20220901-enlocale:en-usos:windows7-x64system
  • submitted
    26/09/2022, 14:20

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    https://www.youtube.com/redirect?event=video_description&redir_token=QUFFLUhqbE9LV0lYbmJ3LXF1SlNOYThvT1k0T0ZNeVBmd3xBQ3Jtc0trTjNELWhaTlVMRW81Rnl2aEp0M09sNzBUdnJ0aklPZmw5emc3THhGN2dhUjhGekEtV0hQNHZNZWdlMEVZU2d1YW1Vb0o4MV84OUpNOTQzcmY3aWs2WXBTMTJUeEJoNW1Ua19iRWh4Zmt0R0lpc0R4TQ&q=https%3A%2F%2Fwww.twitch.tv%2Fiisxd_potxto&v=edi5MFRPHEE

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" https://www.youtube.com/redirect?event=video_description&redir_token=QUFFLUhqbE9LV0lYbmJ3LXF1SlNOYThvT1k0T0ZNeVBmd3xBQ3Jtc0trTjNELWhaTlVMRW81Rnl2aEp0M09sNzBUdnJ0aklPZmw5emc3THhGN2dhUjhGekEtV0hQNHZNZWdlMEVZU2d1YW1Vb0o4MV84OUpNOTQzcmY3aWs2WXBTMTJUeEJoNW1Ua19iRWh4Zmt0R0lpc0R4TQ&q=https%3A%2F%2Fwww.twitch.tv%2Fiisxd_potxto&v=edi5MFRPHEE
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1768
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1768 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:536

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    8a386b8318f1561eddcc39fe1547a1b6

    SHA1

    11b0e169ac0bf840e1df93911e4d319a4f4dd6a5

    SHA256

    783d9baa4dc24b6e4dd7b5bef622cf2f281e85ad429273319dd5ec82e4316f3d

    SHA512

    5c7dd9bb9c8625304b1547a1cfd4506f69335b061ca626da025d075b847353639ca63541b765437192e87401d5d110bd56bd6a238bd41d600462c23b0d34a7eb

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\309axvf\imagestore.dat
    Filesize

    4KB

    MD5

    4a6512303cdb52f41863ec0c75626b04

    SHA1

    cf0abb4f8478ba367fcad4f12495e169aa7f27a9

    SHA256

    9dcc77401f0e2b2d0275bab4f2a0b2d59c807f162957cb2de64b2dff26e1cb8c

    SHA512

    fcc0e43a41a82f637e41f528dd5645d33a12fdfb58d36944c86e686be355970ce1ebe0d60e46a733f2faf03d945c57848c889d8307304fa02d91cb894ace9661

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\H3I5ORFX.txt
    Filesize

    608B

    MD5

    fc30cba51cf47f0f9b83ba0f649fc579

    SHA1

    b8a466b27af2e11c5c5efbdac0da4fd6283456db

    SHA256

    6c82d9450e75dd49ed056f62ff9f9465af680d8db739c78c7844c0060f249b8f

    SHA512

    5a6935ea573f2a5ff8d9a7d76ac6f3254738f582b39803e4adc4211f544076188909e654c3de3d395588a8b746af88b04d3d528ff77f930623794d4bb8bf222f

    Download Submit