0cd8e61fc0ffafaacd189835c1941ed0eb531cef905a38e9f8f1ce102adb5143

Sharing

Copy URL

Twitter E-mail

General

Target

153fd7681033e52dbab628beb9e7a6bf.bin
Size

119.9MB
Sample

231004-bdpptagd2z
MD5

153fd7681033e52dbab628beb9e7a6bf
SHA1

490e95e1e8b8c3ce87c6e7a0bd7e7551df6b2da4
SHA256

0cd8e61fc0ffafaacd189835c1941ed0eb531cef905a38e9f8f1ce102adb5143
SHA512

4c24e6125a4e9b857f6898ea23243d44e7f1059ddc46b2a99b8fc115b6cdeb9f0957b06cb3c32cca8c55c550909b641e738a9c5f1d2bce44f1ebe0f633938dbb
SSDEEP

3145728:uNwqHE4omH4u8tt0mrbRqBji1eE7SfCJiTH:kw5fmB8r0+bRBlUCi

Score

6^/10

Malware Config

Targets

- Target
  
  Payload/YouTube.app/Frameworks/Alderis.framework/Alderis
- Size
  
  411KB
- MD5
  
  bae5500a56432587a149d86d9780dcce
- SHA1
  
  44fb66142593463584ed1c32376fd914c1a9bdce
- SHA256
  
  2343f1eaa1a906c03058e952f2fc0f3a8678c0b6b1b1b67f3201847cf2da4760
- SHA512
  
  bca77d3fea5100f119a6bdc5b9adda68c0f89dc6e85abc4ed4ce68988cfe0019c6974f4f1969e4c7089828b851edcffb1e18c9e8ef7c67fb11b69a4e010412d6
- SSDEEP
  
  6144:U78RMeluvd5TLjLUpGa58S3qwCetLSDwwYz:BRjlubTLjra58SaGSDAz
Score

1^/10
behavioral1
- Target
  
  Payload/YouTube.app/Frameworks/CydiaSubstrate.framework/CydiaSubstrate
- Size
  
  395KB
- MD5
  
  e90b7ab4f6e1aa4034ea4c616186f94d
- SHA1
  
  54ef33b9cd2dd1b2f8432cf1f0e8e4017640f4cb
- SHA256
  
  2b207cbf0cafe42ff1f765b740f7f5b74a73b3ffe75a3890111852c51b0897ad
- SHA512
  
  2ec8458cc1eed3189670b0d616f40b2a465f5738f4aa3dee7ee46b96f6ac62fb3d0d167980c96c128eff2e84fad23513ec9abdb622fdd05fd4ede8f9269c01fc
- SSDEEP
  
  3072:w5LQSrq2Fj/6wJinfQ/MRg14mhlsZUkT4oO:w5sSu2FVinfW4mKZUDv
Score

1^/10
behavioral2
- Target
  
  Payload/YouTube.app/Frameworks/DontEatMyContent.dylib
- Size
  
  83KB
- MD5
  
  7f252d10b18b807abb886906683b831f
- SHA1
  
  0ba2dd256813b02d9413b18f8fdd1a1baca2f1f3
- SHA256
  
  15676bf7451c09c2572eee620050af2567dabe9b0fa52ac4d87e9b2426cf1e08
- SHA512
  
  c9756573ad988bfbf1414cd3991e8de21bfbaf8c6bf87f6525208c51af95a4df016fcf1f7bd2df063f13c78effbeec4757ec5af11b1306f6ecdda3047db527aa
- SSDEEP
  
  384:LjZIJbEU8gnyp/kRvRQna+oL6bg2AOHfSlT6Um2huSW48dHr5ky8tFg:LjqJKA+/kpCna+06A3Dk48BD8tC
Score

1^/10
behavioral3
- Target
  
  Payload/YouTube.app/Frameworks/Module_Framework.framework/Edit_Resources.bundle/Assets.car
- Size
  
  985KB
- MD5
  
  d84fc0328cf843fdbf5d1881b04d3ecd
- SHA1
  
  bef3ab0ae63fc89770a5e6eebf221b84cfad1020
- SHA256
  
  2be0276b250b93d0f5a3b44b87df6b11e217376df66eeb848537e5face7d97af
- SHA512
  
  a418d074e6a37376f48c0b537439e36ccf7c6862a76a2847fbf14841b25641bba7a8de4f5193ef8064349ab8021917110eb1f94847d9b0c46907afcef057c0d5
- SSDEEP
  
  24576:+VRGKTOdUUvw1UZ+znfyoQO9f0pTJxpk5:+VRGKCdUhUZ+N8pXpk5
Score

1^/10
behavioral4 behavioral5
- Target
  
  Payload/YouTube.app/Frameworks/Module_Framework.framework/GHKContactUsResources.bundle/get_help.js
- Size
  
  1KB
- MD5
  
  a72539e022a0beb2b3a15789fef9455f
- SHA1
  
  cbcd4194dfd7fb9b789a2baf9a4d623400a98838
- SHA256
  
  d7dd8cad1143d35c10811df5d80f033426155837ca0be856caa1ec331e1dacc9
- SHA512
  
  810888b9c3366954cdc87dce2e334f6e1027a3dc22f8a957b4493b9abefeb308127c4aa0149292d24646fe3f5e131bf94fc965d48ae1f409dc8439f8bc290cae
Score

1^/10
behavioral6 behavioral7
- Target
  
  Payload/YouTube.app/Frameworks/Module_Framework.framework/GHKMainWebViewJS.bundle/main_view_js_bridge.js
- Size
  
  2KB
- MD5
  
  cf3da72d08031650b9fcc33c7571bec1
- SHA1
  
  563d97126d0af33e27ccb362a890c99134055612
- SHA256
  
  88b6e4f934a7a03315f2f512be6075478ddc65e8d73c968c743e79617a7224dd
- SHA512
  
  190a4bca7c5e1bf979e229bf1d26bd27a322283cca27ea4214d09a547860540557f6c30d5dcdae7532951af929bb4e8820ecbb61e9eb64ca0f9da9fc6e187861
Score

1^/10
behavioral8 behavioral9
- Target
  
  Payload/YouTube.app/Frameworks/Module_Framework.framework/GHKSearchResultWebViewJS.bundle/search_result_page_js_bridge.js
- Size
  
  898B
- MD5
  
  9556ae4c56c2ec1fc4b3bdeea734317f
- SHA1
  
  eb656d585efe14be4430754880559ff0cc381ff3
- SHA256
  
  b6e11f1429e99235fdc62a9d4305d09b8ec8a97fd3f67fc69e8d11d5f195cd60
- SHA512
  
  3feb93396865641496f3632dfef14622bcd908e93619271c76d5cb89668279d0b7e714de4d230d9d3d17f94e5e318d91688151d42d7b3da7626d8190de7154e1
Score

1^/10
behavioral10 behavioral11
- Target
  
  Payload/YouTube.app/Frameworks/Module_Framework.framework/Module_Framework
- Size
  
  144.5MB
- MD5
  
  cb24a1496086c24cfa1faee133725f03
- SHA1
  
  519ac4123efb59c2348f7b3dfff5866f36e2b53f
- SHA256
  
  3c3c5a442481ce664cec41e192e2e972398f666cb8e6f52337d54f6e89e70152
- SHA512
  
  e07a3d7d4e57f57b67f8812ecc8d71b90d0df4f39effbd837991c38764111efe56ba76028c9829e21e35a59042438cdf6a001d2f1c4dccabb86dfe014dbe75fd
- SSDEEP
  
  786432:zp2gDCTd8zGs/8c+9jqim/nRA+fePxb2fA9Y0tpW5zMqH+o5ZXWt4v83rXp/Lc/H:v/Z+9p6nVKSfUE15Mr5aH
Score

1^/10
behavioral12
- Target
  
  Payload/YouTube.app/Frameworks/Module_Framework.framework/RedirectLandingMessageHandler.js
- Size
  
  387B
- MD5
  
  bb93e5f086fe5885363df3b89b0c71b0
- SHA1
  
  0ed3fc84c506e3d966b5035f523caed521cf96f5
- SHA256
  
  e8e11df916d3ec47ed3dc7e68ee2caa9b289364a93cb885b7c6c38f6cc055f82
- SHA512
  
  610f75dcd79ac09b07074bc89cda1cd06a55888a4c7a6a121c3253230b4e399945af1d1ee00f3db4d3edf28c15c109f2fe97e1f3782594b8e70c07d2985332e5
Score

1^/10
behavioral13 behavioral14
- Target
  
  Payload/YouTube.app/Frameworks/Module_Framework.framework/SUPSupportContentResources.bundle/ColorThemedCSSFormat.html
- Size
  
  97B
- MD5
  
  92ef49e1793dd997b765e9f91f191d3b
- SHA1
  
  06fec512ee59062736b5cdc1c91a0e0a4205ccfd
- SHA256
  
  9200c8be764fbc0a76040f1c0fde4db26a08a6596416aba52af2817361e2efd8
- SHA512
  
  2ce55f2c68f835fd9baa52b97eaf30f28e51fb30e110846395fd749734ac103b3a4b915f48e0f51e5b771e8c17e52f750c87bbe622171fee87f4d01db06c7029
Score

1^/10
behavioral15 behavioral16
- Target
  
  Payload/YouTube.app/Frameworks/Module_Framework.framework/SUPSupportContentResources.bundle/RenderedContentFormat.html
- Size
  
  877B
- MD5
  
  5171a9019a1cb0f2f3cd334d6ece3728
- SHA1
  
  bea42ab7b97d4d1f964745aae7dfac87a4816a69
- SHA256
  
  cce172f0ac32f84d7945ad10d3d35a634c7c4fa7c6a972ca40d3b1259de95353
- SHA512
  
  3289e44c5c2b2546b3d1a28d98085e2888f1f842b7c64536e446cdfb03089b3bab899712e82b7a1590e255eaa5e274f220d3946bc59885a8d5a9dfecd69449f4
Score

1^/10
behavioral17 behavioral18
- Target
  
  Payload/YouTube.app/Frameworks/Module_Framework.framework/SUPSupportContentResources.bundle/SearchResultsParser.js
- Size
  
  403B
- MD5
  
  56d339220a76aeee005ec63ad51ce0da
- SHA1
  
  ee6282aa7942d2a134d3a019032a887e6c5b01b3
- SHA256
  
  ea1e4a775bb4146027bdc8fd1bd49d372ddfdb85e537220c6b5f43e5a66e4003
- SHA512
  
  05fc989aae71d84cb5f011dbf348ec809275421c295bcdb959f83c5e43ceaa480e6a2a98a3c0c221d9397e980b89c7cad4073f01a2176e3c35a8f835b6703966
Score

1^/10
behavioral19 behavioral20
- Target
  
  Payload/YouTube.app/Frameworks/Module_Framework.framework/SUPSupportContentResources.bundle/SurveyContactFormParser.js
- Size
  
  192B
- MD5
  
  d11fbfe5b180b991991e001ac0ae260b
- SHA1
  
  69f7efef7fc8d51584f2a0b974a73025b1424d35
- SHA256
  
  612aac9506d7fdcc23fdeedeaa5131d1d67820871fde0ed161d631398e1f15a9
- SHA512
  
  41d0036be9acc38507d3c088d751ea189b3e95108cdc2d63240066c39665fce9c01461c7d1a81603e88ace93868ade581200048f77cbb539978c7834aabb2ec8
Score

1^/10
behavioral21 behavioral22
- Target
  
  Payload/YouTube.app/Frameworks/Module_Framework.framework/WebViewComponent.js
- Size
  
  3KB
- MD5
  
  61c2ef9a194e0631550196296e28583e
- SHA1
  
  b2940a67ed31e5fc4d55f7f6456ef06b9d8fe29d
- SHA256
  
  fd7247d3e16300183a11cd13e17f25b62932cda024a2f32bc596632e53856932
- SHA512
  
  482d61586ad4e0d7465f6dd6ff2be561bba8b12b0e4bdb5d8a66ebc83aae1829fd40584de7442d7ac5a960472ef567991a167d15ae4e596620b208fc35918599
Score

1^/10
behavioral23 behavioral24
- Target
  
  Payload/YouTube.app/Frameworks/YTABConfig.dylib
- Size
  
  100KB
- MD5
  
  d8b13f8010d29764d0298d5fdbfecac7
- SHA1
  
  21c19f2774097c7bb76fc8d6aa81c845166ec740
- SHA256
  
  d62899d3ea968db98f063727a7c2e35d846977841060bf5016f7506fdcca5e2a
- SHA512
  
  6cd6c52dfc65721f7ccb72be6e8fbaae204c0913b4d137cfa5510d3a2ddac929098d22a2e8c180c799e273015154763dd34ab8f3e69aa86451329b4e7198ed0b
- SSDEEP
  
  768:/smFN1tUfyKQcRWr9CRvH2qERuHESB2BiFWdaDFmZU2M:3FSfecRWJCR4RuHESBuiFWdLU2M
Score

1^/10
behavioral25
- Target
  
  Payload/YouTube.app/Frameworks/YTNoCommunityPosts.dylib
- Size
  
  82KB
- MD5
  
  dc64f8615899a15b5b9b27c860619707
- SHA1
  
  08d4ab4b02a829a5cd3a5261fbbb782c08ebdfe4
- SHA256
  
  b7f358a0a72b50cd8d887a58ff213442554be672b6aa7d5a1b80209f49fed2b0
- SHA512
  
  d6473e53f4181e6c6cbdc4884697f444777b8bb5d6c274cf2e032728e4fa16ff10d76207253b1adcb449ae1c14e92da42f0440077a0c702bfd152df5044ca363
- SSDEEP
  
  96:orQp22XTR9y5m5mtAzqeuRuKGoHO2LC2CnJBI3x+H8refCMnXv8TVS5Z8THlONTD:iqPry5LAzOuVouZ8McKfCuFgl
Score

1^/10
behavioral26
- Target
  
  Payload/YouTube.app/Frameworks/YTUHD.dylib
- Size
  
  66KB
- MD5
  
  6065beb37dbfcfb0023ff3aeadc6cdff
- SHA1
  
  d541c1cb0cb2bd13ab41e4da775eec10df79337d
- SHA256
  
  f68ec01d34e2a69390f09a1ec577b529902c7be7a970c4a1002518ea8cd87510
- SHA512
  
  dbacc673e2da4d8fe5761b4371819f94e25cd9a903694747af54732da452545b00724633b042fad5ccecc7c6680b23650d681d58083158a4c749898ee5b52761
- SSDEEP
  
  192:DNnWh3XVhF86zNAPQ6hH3Zw50pNxts7t5RSot/thVrZpMiw7x:DJWlVH86zG46/C0pSlt/t4ig
Score

1^/10
behavioral27
- Target
  
  Payload/YouTube.app/Frameworks/YTVideoOverlay.dylib
- Size
  
  67KB
- MD5
  
  a61cef55efe4ed9274444536021c46f7
- SHA1
  
  fbe928dfac8700578fd7ca06c6704aded78b9bf6
- SHA256
  
  67cf373d3721976aa1f4b5efc80fdbd52d669d40c51d9db0a96f9c61d574bd95
- SHA512
  
  5ad38fbde371de44a1ae144a08f7d935e8104553f49aa30cd3b3474954419d1f1832121afd0d7e538787067f0d5b045bf3c41dbcec27f55474216ef981fb6197
- SSDEEP
  
  384:CNfHz8lx00LKwxk2Dwpte6zhYPql4a7Z7bd+QB:CNfTeKwxk6Itx4IZHhB
Score

1^/10
behavioral28
- Target
  
  Payload/YouTube.app/Frameworks/YouMute.dylib
- Size
  
  66KB
- MD5
  
  3b0367a6f758b42f92dde5ce68912cf2
- SHA1
  
  73dbd39dce8c2d28316fb2150fbf3ed229a1ab95
- SHA256
  
  732921b77c99fe930b5210076eaa7c9251015e9a233f516f513e92e7024249f2
- SHA512
  
  82c015f426d7994c9c248ba8787a63c784a4e62b67d644db103ab58b5d71ee5a4661ccbe1ab90090666ab97b96dca288dd4c636dd31dee73307bfa6062dab2d3
- SSDEEP
  
  192:4pp3q9fpMGyDImR/j7qARMpaq8cwnkKkB4xOCa:a3qrxyImh3Yqco6sO
Score

1^/10
behavioral29
- Target
  
  Payload/YouTube.app/Frameworks/YouPiP.dylib
- Size
  
  101KB
- MD5
  
  2d9e8bd8e0c9d40b9b529a537fbe3643
- SHA1
  
  a20b17c193039f4f88b88504c985a0c55018a387
- SHA256
  
  145944c93ec052a82e4d3893be85a60dded3b4b658aa275e8afbd35990889e16
- SHA512
  
  4658f8b12e475b904a0f6ccc377385472b464d15e822a58d6ba7d32776de7fd1d80815f35caa68de8abc8857e55eb91c716f88bd8cf0bc2c50c3cd0f932db559
- SSDEEP
  
  1536:L5TQhqGB0x0A52RUeG9QFUNleiSPVTLbX/gJfQMZ5lH:LM1Rz9LgJfQ2l
Score

1^/10
behavioral30
- Target
  
  Payload/YouTube.app/Frameworks/YouQuality.dylib
- Size
  
  66KB
- MD5
  
  ab65f4e8dc1f564349fe899930dd11a5
- SHA1
  
  b1852be7ae82277e159e398880f08c409d48fa53
- SHA256
  
  06feb2dda32ab3339d94e5809b1a3faa9710939524884cf094f6c7d3e68033ec
- SHA512
  
  13390a3c45493ca32389e90b47ef2d4d6616254df12d223d9337c3a79e0b57b6f3003a6b42c66276979f4fee39c8709ba02465b1555dcef473e16d0116862827
- SSDEEP
  
  192:Lgc4AGr7O8llMu7PGLkqR2wt+VHlPaFsADfX/2VBJmELU2WRea2SaKm:Lgpm8llMuMkqR2wE5lGsAfq
Score

1^/10
behavioral31
- Target
  
  Payload/YouTube.app/Frameworks/YouTubeDislikesReturn.dylib
- Size
  
  118KB
- MD5
  
  cda812177e5ef14effb9fbfd93da806b
- SHA1
  
  e7f95221748c1339912eabb8e2e8adaf96f264b4
- SHA256
  
  75c524e5e5ffe4d3087ce6e0b2e966e1415bf12e534cbb055c7664d251030a15
- SHA512
  
  ce6fa6cda0acadd5cea4ff88baae086d55e23fafc08d01c6c165e45edb7d5605ea084b482575ac9e28466fe06f57f78ccd5abaa53b850b131792e94d5d15274e
- SSDEEP
  
  1536:PZ6HWzCpuPGOdTvISGSlEIRxbuTsUjlwpQMzZxyr64dthx:PhzTGhS7Rlul7MzZghhx
Score

1^/10
behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32