Overview

overview

6

Static

static

6

Payload/Yo...lderis

macos-10.15-amd64

1

Payload/Yo...strate

macos-10.15-amd64

1

Payload/Yo....dylib

macos-10.15-amd64

1

Payload/Yo...ts.pdf

windows7-x64

1

Payload/Yo...ts.pdf

windows10-2004-x64

1

Payload/Yo...elp.js

windows7-x64

1

Payload/Yo...elp.js

windows10-2004-x64

1

Payload/Yo...dge.js

windows7-x64

1

Payload/Yo...dge.js

windows10-2004-x64

1

Payload/Yo...dge.js

windows7-x64

1

Payload/Yo...dge.js

windows10-2004-x64

1

Payload/Yo...mework

macos-10.15-amd64

1

Payload/Yo...ler.js

windows7-x64

1

Payload/Yo...ler.js

windows10-2004-x64

1

Payload/Yo...t.html

windows7-x64

1

Payload/Yo...t.html

windows10-2004-x64

1

Payload/Yo...t.html

windows7-x64

1

Payload/Yo...t.html

windows10-2004-x64

1

Payload/Yo...ser.js

windows7-x64

1

Payload/Yo...ser.js

windows10-2004-x64

1

Payload/Yo...ser.js

windows7-x64

1

Payload/Yo...ser.js

windows10-2004-x64

1

Payload/Yo...ent.js

windows7-x64

1

Payload/Yo...ent.js

windows10-2004-x64

1

Payload/Yo....dylib

macos-10.15-amd64

1

Payload/Yo....dylib

macos-10.15-amd64

1

Payload/Yo....dylib

macos-10.15-amd64

1

Payload/Yo....dylib

macos-10.15-amd64

1

Payload/Yo....dylib

macos-10.15-amd64

1

Payload/Yo....dylib

macos-10.15-amd64

1

Payload/Yo....dylib

macos-10.15-amd64

1

Payload/Yo....dylib

macos-10.15-amd64

1

Analysis

  • max time kernel
    118s
  • max time network
    160s
  • platform
    windows7_x64
  • resource
    win7-20230831-en
  • resource tags

    arch:x64arch:x86image:win7-20230831-enlocale:en-usos:windows7-x64system
  • submitted
    04/10/2023, 01:01

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Payload/YouTube.app/Frameworks/Module_Framework.framework/SUPSupportContentResources.bundle/ColorThemedCSSFormat.html

  • Size

    97B

  • MD5

    92ef49e1793dd997b765e9f91f191d3b

  • SHA1

    06fec512ee59062736b5cdc1c91a0e0a4205ccfd

  • SHA256

    9200c8be764fbc0a76040f1c0fde4db26a08a6596416aba52af2817361e2efd8

  • SHA512

    2ce55f2c68f835fd9baa52b97eaf30f28e51fb30e110846395fd749734ac103b3a4b915f48e0f51e5b771e8c17e52f750c87bbe622171fee87f4d01db06c7029

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\Payload\YouTube.app\Frameworks\Module_Framework.framework\SUPSupportContentResources.bundle\ColorThemedCSSFormat.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2452
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2452 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2212

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    817465cedb240673893313098947f1f4

    SHA1

    4930d90bdc394db279d0492010d2d9cc4c684072

    SHA256

    dca4c5f856376917fdc48a7579c7df736f6e2658528eb8af5bebc3867f19782b

    SHA512

    2d33d8579011e91d37632d390f92a42a15b1d6487e992661dbc1ba8b267781301ccceb1ada2a6021584707ab98f8a56156cf058d935adb54d1492cf0d8f4e2f3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f1d9677056c6fbbd3301fdcdca4d3813

    SHA1

    20861963b9eb343cc20b4378d9b841910a3647a7

    SHA256

    06306414116bdd48a43e4edf92128d61921bab62e1dccb8b29799971d4a83edc

    SHA512

    a0b9a3eacf4d70637e287ff0f35f24ec71dcb6a3e58e6ba73359e6051b9f33eef8cb9cd042abdaefde74e0546f434ab1009c1c81278b4e37105fa14592126558

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    9ee091cc56fd133ef51b9281e47b744f

    SHA1

    d41b2a19c3763d51b0f88510d8bd8e4ca0223e62

    SHA256

    c7c3225fcdcf6d589636bee583a9b31f4ff9204cd043cc6ab09e883251f90824

    SHA512

    6c162195ffcd19598e2ab4bc71390891191dd2a201fb906d5fb45f388b31dd1719e48a73a8c6b54b7646fbf7b90a1e8f3b1fc2ad2102fb3c23b20d1231ad8cf3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    03e4fdd02b837cf36c89e94579af4a10

    SHA1

    007b5cc999d8e3b3206200da8023b4df432bdaa0

    SHA256

    f103cdcef029932ec4dc50e347b38a859e96621e74ccd91479964b4aed874ef1

    SHA512

    34a3d13819f5e54bf7156c2a5eb00c66014b121e0582699d1965f84c78e6516c72f6d0ff92e8122626153c10ef7d7d0d0ae2aa33d93c128cf890e4f815347a49

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    99dea16bf01d1a67a4eec8313d948e69

    SHA1

    eba8dc5cc97f7275e4b22a3b8a497bdeb0d15e60

    SHA256

    9b83b294ad901c6c08107fffcb5705072156f1a4e191bf3977277cb9aee188d0

    SHA512

    475ebe16a31a758680351ac2cd3ba63a90a80cf27b39234b3983653213b58e3fd132cc517a7bb7a1f87d4d8e25cc025072a9146c6948eaa3420a305490d058e7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ceba4de67b04ec6b0178c6ed4021db16

    SHA1

    61e0bfedc111529ab3f56a9c1ce55d39f935638d

    SHA256

    b4c7761edeebc1e83da4ad760f81f1d24b9030364f05e6244c83236f6a7bc405

    SHA512

    e490d09e5ec5460fbd8a0ab3accda25f40b8a8ebd0abf949fbb8d9a9b9d7819dcd2646cc617cc592b0843e76187d9f44aac414ce851721bc875e681c4acdd947

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    9f3a587a824b0d04f71403888a072606

    SHA1

    0831c6e915884b40b0cf9a901ba99d6396902fe9

    SHA256

    4c108f999fc09165909c756b7db9113381c17fbee698b895ed08f0e06ac7da01

    SHA512

    c7ff6768f1522dba92b8868e37ec4cc13eab1a73a95e0d2061dae4eb886b1eea659506bb72882071c8f78d30cc03d69cf9b57941db4b565c911a4371ce6f43b1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a5610de4adad96a9f0b8ef9f79c97f76

    SHA1

    ff9b9dd765c361a4ab0dab1bf64533621498d01c

    SHA256

    162dbb45a6347e17bae7b2e0ab8ca329bccbf7b0aaa0879d7825542745dde075

    SHA512

    6c55346b431145fbfa391758d8d0bbeb25c46d759fdd314721cad5429cdd809b59f936393989ef9aa48288690e7a0e180c0677509bf8fe9b146978acf07dec9f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    7b90af7646153f24aa0ff23a390a8232

    SHA1

    8446edd50c1add6d33e225b77bf74e552577205a

    SHA256

    5692a924acdc27191ffc1d35f713271adbb459c1084cbaabf7bf4fa0771d320d

    SHA512

    fb13b4ef1ca3c7ed95fe3499986d943875ff756ff14d4c16b746a3338afe5099e7b91b18a31459618c6cd2869fb6949f0166b690b59f566baf7baa230754df95

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    4782ecaa1f30d9314caf9d82fb2ce855

    SHA1

    e98ba41d9077d11c434bb389877ed4c5bfc45b53

    SHA256

    8a3cb37c677cb797d179a52929c68c3e956f960f4d5e7e229dd8a4036628eece

    SHA512

    9660c82692811b7f49612e45358e28e51e3f48e7c4e328634010865100b20dcdaa4e18511f8c5191c56eb6015509988f00065f0d074ce411e23e3538dabba03c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    6e81bfc114fabd9170ff9243680301f8

    SHA1

    98aeca59df0643e589fc835e0252d5f5842977c0

    SHA256

    ed41897ad0ea2ce9d2f822e87b67aad62f981f011491331997388e5f981457e2

    SHA512

    644173f9e067a724734ffd372a9e86991edbc4e9ab2d041d012b83fe3fdea39ccc87b588b28bf5ab41b5874eaef2576bc4e483a788f3feb18a4f84ca913da319

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    cd9c42537da1ec0c1483cf289bd480ff

    SHA1

    1a09980c4ae2fe98a9cf80c0ac63c834b5fa0f18

    SHA256

    aa905636469edf9fb267c59822fee90e026023e0bcd812fc3618a5106294e350

    SHA512

    22b71e2529369373f76d1493044fbf10fec185000947a80d2ba4eea54cffe98856c5ef117ad2fcdda9ecc0511d9155a41e723c1cfddb14090bd38c11874b6fe7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    2447a70d11ea7c162092ae8db7fa3417

    SHA1

    d8e754d9c74df2c95dbc369531e7b1f3ca3c6cd9

    SHA256

    44d3a91eefc35eb851ad870a8786dea4a9f3c90ca46131493292edfa3b0a0f30

    SHA512

    effaf520770552681aad5f7c5c72f75dbbe3100a45b3a08e720a09bf1f88b3618b27f2d0e79e98c0cf5d3b306ce09b80f0b64938b78f3516255f202817e9ee7a

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabB674.tmp
    Filesize

    61KB

    MD5

    f3441b8572aae8801c04f3060b550443

    SHA1

    4ef0a35436125d6821831ef36c28ffaf196cda15

    SHA256

    6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

    SHA512

    5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarB763.tmp
    Filesize

    163KB

    MD5

    9441737383d21192400eca82fda910ec

    SHA1

    725e0d606a4fc9ba44aa8ffde65bed15e65367e4

    SHA256

    bc3a6e84e41faeb57e7c21aa3b60c2a64777107009727c5b7c0ed8fe658909e5

    SHA512

    7608dd653a66cd364392a78d4711b48d1707768d36996e4d38871c6843b5714e1d7da4b4cc6db969e6000cfa182bcb74216ef6823d1063f036fc5c3413fb8dcf

    Download Submit