General
Target
https://www.youtube.com/redirect?event=video_description&redir_token=QUFFLUhqbURLdi1vTEtCRGJVSlhDTDJqMGtDR1JvZHFJZ3xBQ3Jtc0ttb3ZLWE16c1ZxZTRHdk5aNUZUZzYydVo3bHF2STRaU2U1VV9xdEdRRlFHVF8wWTdPU0tWMm0xb1VuWWgxVm5Bc25MbzItSFAxUEFnaXhVZkVkYnR1bDUxdHZ0LVBRX1B5ZWNCWTNEZ1g2YmY3bUJJYw&q=https%3A%2F%2Fgithub.com%2FEndermanch%2FMalwareDatabase%2Fraw%2Fmaster%2FNoEscape.zip&v=4oATWyMMH4A
Sample
230331-15twaafc2z
Static task
static1
URLScan task
urlscan1
Behavioral task
behavioral1
Sample
https://www.youtube.com/redirect?event=video_description&redir_token=QUFFLUhqbURLdi1vTEtCRGJVSlhDTDJqMGtDR1JvZHFJZ3xBQ3Jtc0ttb3ZLWE16c1ZxZTRHdk5aNUZUZzYydVo3bHF2STRaU2U1VV9xdEdRRlFHVF8wWTdPU0tWMm0xb1VuWWgxVm5Bc25MbzItSFAxUEFnaXhVZkVkYnR1bDUxdHZ0LVBRX1B5ZWNCWTNEZ1g2YmY3bUJJYw&q=https%3A%2F%2Fgithub.com%2FEndermanch%2FMalwareDatabase%2Fraw%2Fmaster%2FNoEscape.zip&v=4oATWyMMH4A
Resource
win10v2004-20230220-en
Malware Config
Targets
Target
https://www.youtube.com/redirect?event=video_description&redir_token=QUFFLUhqbURLdi1vTEtCRGJVSlhDTDJqMGtDR1JvZHFJZ3xBQ3Jtc0ttb3ZLWE16c1ZxZTRHdk5aNUZUZzYydVo3bHF2STRaU2U1VV9xdEdRRlFHVF8wWTdPU0tWMm0xb1VuWWgxVm5Bc25MbzItSFAxUEFnaXhVZkVkYnR1bDUxdHZ0LVBRX1B5ZWNCWTNEZ1g2YmY3bUJJYw&q=https%3A%2F%2Fgithub.com%2FEndermanch%2FMalwareDatabase%2Fraw%2Fmaster%2FNoEscape.zip&v=4oATWyMMH4A
Score
10/10
Modifies WinLogon for persistence
Disables RegEdit via registry modification
Executes dropped EXE
Drops desktop.ini file(s)
Legitimate hosting services abused for malware hosting/C2
Modifies WinLogon
Sets desktop wallpaper using registry