General
Target
https://www.youtube.com/redirect?event=video_description&redir_token=QUFFLUhqbjZhdU54NW9YWVdfcGFqZ25LcHZqOWVIQXRKd3xBQ3Jtc0tuQll1X04wclJYOTdNTVExQ2QyRnRuYlYwaXFfSE1PUjRBY2VsN2xHWHl4X0JfdXdxb3VwNlVXekUwam9UeERHN044d2hJeWJnbndKZnNwZWVZQUwxWU1wR3FRWHlpcmU2M3dHTVBHZTA5Vy1xc18tMA&q=https%3A%2F%2Fgithub.com%2FEndermanch%2FMalwareDatabase%2Fraw%2Fmaster%2FNoEscape.zip&v=4oATWyMMH4A
Sample
230331-v8anxsdd8x
Static task
static1
URLScan task
urlscan1
Behavioral task
behavioral1
Sample
https://www.youtube.com/redirect?event=video_description&redir_token=QUFFLUhqbjZhdU54NW9YWVdfcGFqZ25LcHZqOWVIQXRKd3xBQ3Jtc0tuQll1X04wclJYOTdNTVExQ2QyRnRuYlYwaXFfSE1PUjRBY2VsN2xHWHl4X0JfdXdxb3VwNlVXekUwam9UeERHN044d2hJeWJnbndKZnNwZWVZQUwxWU1wR3FRWHlpcmU2M3dHTVBHZTA5Vy1xc18tMA&q=https%3A%2F%2Fgithub.com%2FEndermanch%2FMalwareDatabase%2Fraw%2Fmaster%2FNoEscape.zip&v=4oATWyMMH4A
Resource
win10v2004-20230220-en
Malware Config
Targets
Target
https://www.youtube.com/redirect?event=video_description&redir_token=QUFFLUhqbjZhdU54NW9YWVdfcGFqZ25LcHZqOWVIQXRKd3xBQ3Jtc0tuQll1X04wclJYOTdNTVExQ2QyRnRuYlYwaXFfSE1PUjRBY2VsN2xHWHl4X0JfdXdxb3VwNlVXekUwam9UeERHN044d2hJeWJnbndKZnNwZWVZQUwxWU1wR3FRWHlpcmU2M3dHTVBHZTA5Vy1xc18tMA&q=https%3A%2F%2Fgithub.com%2FEndermanch%2FMalwareDatabase%2Fraw%2Fmaster%2FNoEscape.zip&v=4oATWyMMH4A
Score 10/10
Modifies WinLogon for persistence
Disables RegEdit via registry modification
Drops desktop.ini file(s)
Legitimate hosting services abused for malware hosting/C2
Sets desktop wallpaper using registry