Overview

overview

1

Static

static

1

URLScan

urlscan

https://www.youtube....

windows10-2004-x64

1

Analysis

  • max time kernel
    42s
  • max time network
    46s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230220-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230220-enlocale:en-usos:windows10-2004-x64system
  • submitted
    20/03/2023, 05:17

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    https://www.youtube.com/redirect?event=video_description&redir_token=QUFFLUhqbEJvMkRNeGt2ZWtNRkVYXzNHMmtfenhPaDBHQXxBQ3Jtc0ttdF9ocURIRHIxRUpVMnc3VUdnZ1dBOUlJbDU5SWRUZGgyaktYUFdtY250ajlwNnVfYUFiNk13azlHLXJJRWNWZTdrTnBXYzNMOGNvaDRYV3p0dTZzbDI2TXlzd2o4QnZoVmgxNEJiMktMTE13c2JSbw&q=https%3A%2F%2Fmodapi.survivetheforest.net%2Fgame%2FTheForest%2F&v=6oTyeMRt80g

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 42 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 8 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" https://www.youtube.com/redirect?event=video_description&redir_token=QUFFLUhqbEJvMkRNeGt2ZWtNRkVYXzNHMmtfenhPaDBHQXxBQ3Jtc0ttdF9ocURIRHIxRUpVMnc3VUdnZ1dBOUlJbDU5SWRUZGgyaktYUFdtY250ajlwNnVfYUFiNk13azlHLXJJRWNWZTdrTnBXYzNMOGNvaDRYV3p0dTZzbDI2TXlzd2o4QnZoVmgxNEJiMktMTE13c2JSbw&q=https%3A%2F%2Fmodapi.survivetheforest.net%2Fgame%2FTheForest%2F&v=6oTyeMRt80g
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2240
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2240 CREDAT:17410 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1640

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\7C2E8476661F75E0CF1072985692F167
    Filesize

    5B

    MD5

    5bfa51f3a417b98e7443eca90fc94703

    SHA1

    8c015d80b8a23f780bdd215dc842b0f5551f63bd

    SHA256

    bebe2853a3485d1c2e5c5be4249183e0ddaff9f87de71652371700a89d937128

    SHA512

    4cd03686254bb28754cbaa635ae1264723e2be80ce1dd0f78d1ab7aee72232f5b285f79e488e9c5c49ff343015bd07bb8433d6cee08ae3cea8c317303e3ac399

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\7C2E8476661F75E0CF1072985692F167
    Filesize

    414B

    MD5

    928cea4449b8b407f7896d01694d9c75

    SHA1

    ae4df387e596c02cf616bbf0a706543d1c3a6baa

    SHA256

    622d637a22876dc08e4daf2cf0e17dfdbbc4e6402a53c3d5f71546d002d13bf8

    SHA512

    ca6d535f6a13f066ff228a64d690d1fcc1b6d53db45a7d245b01cd28b669cc7d04f0eae1f41b455913a7fda1351735a346823c063dec09f1a8039fbdc23d2a48

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\7C2E8476661F75E0CF1072985692F167
    Filesize

    414B

    MD5

    d3db0612fcd75f4e1885c91caaa85c27

    SHA1

    c5c25a055b080a8abd1b883c284826ee2b990f0f

    SHA256

    0c2c9acf3c9e6fd99b46167ac0e5a332d812db100b2af4f100e4ed0e0789d7e0

    SHA512

    95c454296e8f3c7d1c40f9b418837155462d50727bf4e2c0ed6ea58bc6ed01940733545559c4f9cb1baa936cb428b34c6be89885e9a7bf3e6fbe9c0170dcffd8

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\A6S7TAYJ\modapi.survivetheforest[1].xml
    Filesize

    13B

    MD5

    c1ddea3ef6bbef3e7060a1a9ad89e4c5

    SHA1

    35e3224fcbd3e1af306f2b6a2c6bbea9b0867966

    SHA256

    b71e4d17274636b97179ba2d97c742735b6510eb54f22893d3a2daff2ceb28db

    SHA512

    6be8cec7c862afae5b37aa32dc5bb45912881a3276606da41bf808a4ef92c318b355e616bf45a257b995520d72b7c08752c0be445dceade5cf79f73480910fed

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\feo4h2u\imagestore.dat
    Filesize

    478B

    MD5

    c930fe18a1ab97d155217e24d396260d

    SHA1

    cec15cf28bc59bbb36c132d59a766dc12a9eadc7

    SHA256

    b2722c2ac8ac09a4e6d04c16c6b95f65bbc7ecfc0246d63bf311c8c2730a955d

    SHA512

    fbc6a8cccfa40bb77297bd73fbb822ec737105f878dfa47041c3f81322e0ccd250f2045a776748401a3273b9cfa79c42918f17d31155c104aa031beddcefb102

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\feo4h2u\imagestore.dat
    Filesize

    21KB

    MD5

    d989e776b037db7125d4381372e87b5a

    SHA1

    da91c0ead17b944d5f7c00cdd0cfe2d7c6134b14

    SHA256

    c00f447d8b5322640fa87653e9546e6f4f7e6eff5fd1ab8f8b950c2c9f48b14c

    SHA512

    3513d917aad17db6ad418bbf03343578685aa77f281ccd8dc69a7767070f07c3ebad6c65884ee66f845984a4d7976142f8850a63b65796ffb78b0ccd62cccf22

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\6K3GJRJ1\jquery-3.2.1.min[1].js
    Filesize

    84KB

    MD5

    c9f5aeeca3ad37bf2aa006139b935f0a

    SHA1

    1055018c28ab41087ef9ccefe411606893dabea2

    SHA256

    87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

    SHA512

    dcff2b5c2b8625d3593a7531ff4ddcd633939cc9f7acfeb79c18a9e6038fdaa99487960075502f159d44f902d965b0b5aed32b41bfa66a1dc07d85b5d5152b58

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\6K3GJRJ1\jquery.form.min[1].js
    Filesize

    14KB

    MD5

    f448c593c242d134e9733a84c7a4d26c

    SHA1

    374aa1f8db17575b0e35eabc46ad82062e09106c

    SHA256

    c90f0e501d2948fbc2b61bffd654fa4ab64741fd48923782419eeb14d3816fb8

    SHA512

    de133f9ff911db26dd8df4adbe2528fe80722397082b5880cb9d4d930872d71168c4e0a5e95f04b1b5b88da558fe5f04d2f83a649a791ecfaf87d751c6335e2b

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\6K3GJRJ1\jquery.ui.widget[1].js
    Filesize

    15KB

    MD5

    0b44270691b4abf4e38e1a45928a3dc6

    SHA1

    cf4975bba18acbc95e331f4408b3e1fae3cf74e7

    SHA256

    0afa8c947b435fc74382c870974ded570bf39dcaaa30a37414bcd9acd6a9e3e2

    SHA512

    eaf017fadc2f42c478bb099505d3e37216f9b4a9be9df4899a27d6ed066c9f49fc7f5225e83488c53461fcd754ed144ab66b07619eac6f62ccd03d35f91dc08c

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\8OI4IV75\dialog-polyfill.min[1].js
    Filesize

    10KB

    MD5

    aefee1abe00856a9b46cc40e0b77fea9

    SHA1

    f25b72bc95ec31b6dfb0c06fde9fa844e43c1ec8

    SHA256

    c32bb86c0971a67479fbd7ff50bd9f1e80e20ee95bcaee00c4bf9644187d128e

    SHA512

    bd34ed25359d48eb75f4fc9d6622705bd2c4f10d8c89c66549a38ce017a578a259e4bf4fa6b36ff2edaf5224cf3071905e095587b957b0ad299446654f1e3556

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\8OI4IV75\favicon_32[1].png
    Filesize

    348B

    MD5

    3a880420311ad60097059ffc0fc53393

    SHA1

    7644b902864c4ba3604f61e0880e05da15ab464f

    SHA256

    571c382651d6337cd5fa49c512d02f0f99d523a896b87175fb59c710e1fcbc7a

    SHA512

    c16652970d04b7b76f7e7ef5a8d091984a13406cf7f5475cc3cfa3ecae3278c19be5494be39a8e549978b0675d1c70f69cc1413de9240487943d91965aff17d1

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\8OI4IV75\jquery.validate.min[1].js
    Filesize

    22KB

    MD5

    93c1dd8416ac2af1850652d5b620a142

    SHA1

    6a76e4c7db479053350580469aa010febfdcacd0

    SHA256

    17a879e50c3ab3078afaded288e257fb66e94806b76ff7e796b54226f9848f50

    SHA512

    3bf9d44c5e66745921128407167f4de709a06325b7db724eeaff24afa96d4912ab899c93afff38d7bb5a55679a6d54b888e346936578e38403d0fd9cc21b9392

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\8OI4IV75\mixitup.min[1].js
    Filesize

    86KB

    MD5

    ef98cd2b457a249861506d41f9066d81

    SHA1

    65752db3450d90a0cd171f21a311365a792799b7

    SHA256

    ea0216b84d3105171ff80d08cd291b9820d51c4729eb8e8bcae4e9b11adde85b

    SHA512

    ee81b332805f469b19e950b5d3b73957bcc54e67e012d9993582c65e7e142b892b1efaf227164f95ab71be21f72c5bd68a924a20e1d877e0056709d266ba10d1

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\UUIKWEAJ\additional-methods.min[1].js
    Filesize

    18KB

    MD5

    ced61b5d0a48d60fc5522b02ca25570b

    SHA1

    633d4e393fbef18319f37bb798a3b787b907c21b

    SHA256

    d1883f7a26d574acb192e568d50c21d03b29a14087bd26e6fe83a8615cf7d814

    SHA512

    81c242d71c0c9b91ccb650b669ed1c18e6a17e59ae3c22dc7529a9141fa5cd942e87282c6c05d8924edcacb404376f7ca2585a551417bfebb4af4de109489352

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\UUIKWEAJ\ed[1].js
    Filesize

    6KB

    MD5

    5bc6cbfdf8198cb2b086ebccb39795a7

    SHA1

    6bd3b3d945ac79c02502d3f241a2622acf9fc0a1

    SHA256

    d0b8a4c0b98f1732383b57d12e8a19bd35f18eb05b806cf6b9a99abc51c49572

    SHA512

    b551f6fbaa40c0a1071bc420a8d68378da0c5d85dfc02d1ffd0f597b0f10123a2c51bab2fc9dabf100b4786bedd830d7bf99a1c6cd7d59684261217ecf56554b

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\UUIKWEAJ\handlebars-v4.0.10[1].js
    Filesize

    73KB

    MD5

    db3a6f2728df20eea461b8bd254e325d

    SHA1

    8276ee60e1b559f446c07b6ee22d034cd2f06d96

    SHA256

    f0e7798f12ea1934d5128eb3efa2ec671422b37655d5418c15196843a8d466c9

    SHA512

    75bafe03073c6afb39b25d3533a90b60f68a8cba574ae4eae0f3fb07d244048d8a203c5b65a44c02ffd1fa2e71890e82ae9ba7b17843de2d6b31b6f629cad049

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\UUIKWEAJ\js.cookie.min[1].js
    Filesize

    1KB

    MD5

    45f12de4d7b95a193ecdc5cfde664bb9

    SHA1

    ee9541cf1a95d2a885f8b143a105caaa08ca9c9d

    SHA256

    39b8fe6364621725ff90431a34af0f87976d95c00cbfd1d0f3711a3f1fa1a07b

    SHA512

    b9c5df833c28b1cd4724a531347248bb02a1cbcdb04119bf44e889a6cca9f11c335609180f4c90417f5d95994cf62505f2edc765d6f9e26526c2c1ee36eb4ea4

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\UUIKWEAJ\styles[1].css
    Filesize

    15KB

    MD5

    b2a8f97686d99f0bfc05cdbfdae99e95

    SHA1

    6f293442df3613bea3c65445a6d2811275020330

    SHA256

    a5b2b3d04098011e5467ad1d9c9d492cb2509eb1fd80da9bfb8c96ed9b900f27

    SHA512

    5fb41e204191c493dc89fa6abe6c76d396f1d6737f80fb127ad95c3cb27f4fffbbe991635a4b245db1bcabc404b21ccd64082bbc1322bd56cf9c5ed2dc5a701e

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\UUIKWEAJ\typeahead.bundle.min[1].js
    Filesize

    38KB

    MD5

    bf6cfa59ebcf0c5191e5439ec66f0724

    SHA1

    55c3777112998d0049ae41210067091f4dcf8810

    SHA256

    dbb79dcafc97673fceabf21a1102c3fb34e8130d2f8cad20278b1d1d45772c76

    SHA512

    ef81287d36ae54b7030e03eb5719a9d5d57afdf65294319eb4d2e7befc0155699e9889cbeaf1f7b30984dc2cfc00e65c62a2cf9b4f2bce50edb0dee128966059

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\WPCK8CWE\android-desktop[1].png
    Filesize

    20KB

    MD5

    e0c18c38200332f1cf72d82668a17680

    SHA1

    a81c7e402e2e64e9126609f18a78d0356b280413

    SHA256

    c3f0c17e9586f7e0ad346125a3dd58fbcd14d44131a4b3b187324ed1acc94b7d

    SHA512

    91fdf0c354c16ee4cab9231c95adba798dc9c4f9401b1fa619eadd05bca170195724b8ed518cc35ebced18605040b5e68725e8ffcd7b3ff2d878683946d40cc2

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\WPCK8CWE\jquery.fileupload[1].js
    Filesize

    62KB

    MD5

    1a6f827f35e3922cf55b0bcf22635617

    SHA1

    361917cedfab0dd8bb1046806fbe658adb4b59bc

    SHA256

    07ddae60f2d6d708b6251b9e9ade4c8bb7d4e0af905a8e2f95dfea2dd8588c36

    SHA512

    391d8eb0fd085602fdd0ccb6b60e0d1a738f71e81fbb028afa65fa9d615ec437ff8ebba228b019157598c7934da90a0a1af4a429ceac1bb31ff53cde0cdb8fb0

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\WPCK8CWE\jquery.iframe-transport[1].js
    Filesize

    10KB

    MD5

    f371e8d9f57329f90114d7b52dd5c7a4

    SHA1

    eb5fc8ab8c3d5ef33d8c77425df670c5b250d7c6

    SHA256

    f6e9864c545c938343a869fcf464beaad8cdf5fadc80a68842f47836adf225b4

    SHA512

    39acbc35ae2c6a833612c8393db2c91975ae264be3484aa8d3ee5f56084386728efcccb21c6fb7fcb7352f5c855ed957eda70043deba2d930600ed7517688fde

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\WPCK8CWE\material.grey-red.min[1].css
    Filesize

    138KB

    MD5

    ab98375a853cf3ecdea2a642160a7a93

    SHA1

    18013064a4e2ddc5fd83f5a5053c3e720cf407ab

    SHA256

    93e993aa740e48e41261de7751ca52d581df05d35f5d875344ddd677ff3296c6

    SHA512

    023e95fac86713b20631e28e6fe9a46e5a3d2e9d7262872ef368a59226188fe683fbccae182398b8483c14ad32858619ea21dde1ae4798415f64d1530c86e154

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\WPCK8CWE\material.min[1].js
    Filesize

    61KB

    MD5

    713af0c6ce93dbbce2f00bf0a98d0541

    SHA1

    1ab50540032210391656928cd1564530353096cd

    SHA256

    3c27eee3e7e742ba78c0d9956e337579a5f82db3af39e8da6f450e8632decebc

    SHA512

    98f605446920ad7bc8428f5e30a8efe6fbb2ef78fb9175de965963dd6e3d9d508a6ab055394c4d6a2d9d9ea548a7c4279d54bb00a1f0745c9949589b4aa5ad93

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\WPCK8CWE\scripts[1].js
    Filesize

    29KB

    MD5

    cc1dd1b752ada1a05a851ccdf3b13376

    SHA1

    36b147758aab2198237b6d70848bb91e4f8c40d2

    SHA256

    00ba60482fedd9d510794209d814db66cc7572722428e101f7aec187e829b145

    SHA512

    b26e43d9c4d7c1555b925ab8c1a3da8de58101152a9d8aa5cc887d0008cff19d747f286c514983ac73cb27648b0e57ab1006cf133d8271bf267b5639fcaa30d8

    Download Submit