Overview

overview

6

Static

static

6

Payload/Yo...lderis

macos-10.15-amd64

1

Payload/Yo...strate

macos-10.15-amd64

1

Payload/Yo....dylib

macos-10.15-amd64

1

Payload/Yo...ts.pdf

windows7-x64

1

Payload/Yo...ts.pdf

windows10-2004-x64

1

Payload/Yo...elp.js

windows7-x64

1

Payload/Yo...elp.js

windows10-2004-x64

1

Payload/Yo...dge.js

windows7-x64

1

Payload/Yo...dge.js

windows10-2004-x64

1

Payload/Yo...dge.js

windows7-x64

1

Payload/Yo...dge.js

windows10-2004-x64

1

Payload/Yo...mework

macos-10.15-amd64

1

Payload/Yo...ler.js

windows7-x64

1

Payload/Yo...ler.js

windows10-2004-x64

1

Payload/Yo...t.html

windows7-x64

1

Payload/Yo...t.html

windows10-2004-x64

1

Payload/Yo...t.html

windows7-x64

1

Payload/Yo...t.html

windows10-2004-x64

1

Payload/Yo...ser.js

windows7-x64

1

Payload/Yo...ser.js

windows10-2004-x64

1

Payload/Yo...ser.js

windows7-x64

1

Payload/Yo...ser.js

windows10-2004-x64

1

Payload/Yo...ent.js

windows7-x64

1

Payload/Yo...ent.js

windows10-2004-x64

1

Payload/Yo....dylib

macos-10.15-amd64

1

Payload/Yo....dylib

macos-10.15-amd64

1

Payload/Yo....dylib

macos-10.15-amd64

1

Payload/Yo....dylib

macos-10.15-amd64

1

Payload/Yo....dylib

macos-10.15-amd64

1

Payload/Yo....dylib

macos-10.15-amd64

1

Payload/Yo....dylib

macos-10.15-amd64

1

Payload/Yo....dylib

macos-10.15-amd64

1

Analysis

  • max time kernel
    122s
  • max time network
    163s
  • platform
    windows7_x64
  • resource
    win7-20230831-en
  • resource tags

    arch:x64arch:x86image:win7-20230831-enlocale:en-usos:windows7-x64system
  • submitted
    04-10-2023 01:01

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Payload/YouTube.app/Frameworks/Module_Framework.framework/SUPSupportContentResources.bundle/RenderedContentFormat.html

  • Size

    877B

  • MD5

    5171a9019a1cb0f2f3cd334d6ece3728

  • SHA1

    bea42ab7b97d4d1f964745aae7dfac87a4816a69

  • SHA256

    cce172f0ac32f84d7945ad10d3d35a634c7c4fa7c6a972ca40d3b1259de95353

  • SHA512

    3289e44c5c2b2546b3d1a28d98085e2888f1f842b7c64536e446cdfb03089b3bab899712e82b7a1590e255eaa5e274f220d3946bc59885a8d5a9dfecd69449f4

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\Payload\YouTube.app\Frameworks\Module_Framework.framework\SUPSupportContentResources.bundle\RenderedContentFormat.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1720
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1720 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2640

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    f587a1513a82b28e3f1a60d40de326a9

    SHA1

    e422bbdd54071c54936a0c4994e7fe5351e46402

    SHA256

    945b657966f507f3ac4fe522e11fdbdff6d02af17a124cdb24935925b4a83704

    SHA512

    d9f1eab527d49d2390e42151c6a00b79db6e5241332f149291eb61db2a3cc48a8446b5b0b9fa2ae7e14dc93c723fccd03c9e1fd4a9e7482fd462bbed952c7d9e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    55389d4558c1ab3de37c562e06c9803e

    SHA1

    2d08556c498bc7041c5a660ff7487c114f7dec88

    SHA256

    210a38f971939df9811b4626af38bf74dbbf43824ddfdea3290ef4e30b1ede05

    SHA512

    b2b78a556caf030458c07b718074a95010505d6611a4af10be189a68dbf6e751e2ba96676d4f951f5f0eb1858db8163108cb38bba5e1292be8468c6cf95c8161

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    55389d4558c1ab3de37c562e06c9803e

    SHA1

    2d08556c498bc7041c5a660ff7487c114f7dec88

    SHA256

    210a38f971939df9811b4626af38bf74dbbf43824ddfdea3290ef4e30b1ede05

    SHA512

    b2b78a556caf030458c07b718074a95010505d6611a4af10be189a68dbf6e751e2ba96676d4f951f5f0eb1858db8163108cb38bba5e1292be8468c6cf95c8161

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    f63952d097c2ee1da22993b62d592a69

    SHA1

    7028daf1d65072b56f4575c1dbc7dc1dbf333d10

    SHA256

    6519ed63d437b114b9ef501a4d8ad5c3ba69e9b720b63e3d935d32d4cce814b9

    SHA512

    44ad4548881bba11e8a1a830cd847dcfe18db55382975fb949c152ad6c33f2aaef4f53fc287a83ccacf64d463f50618af1c35722344da5a961b69da3e6c1582e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    f3c0bae994513d0d69760e3aca92c620

    SHA1

    b2a03fb7304e9c643ff4caee64df3f512959f3fb

    SHA256

    87e33f005cf8d992e7c573eb3347cb71366f9fd69a29d914e9337ba619c6a3b5

    SHA512

    d55b28da998139e721a68d142b5359474f22574e78f280629d5836456e015d905aa2b49543cb56c05a12cbb3d3599bd94a0040a1f3551c5b4eaa04b4823c5540

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    d22388088c194f522497f0294af9ffef

    SHA1

    b0dde6dfd8f29ebb7e0dbe9c2f9de11f91a8668d

    SHA256

    2da41831ec15081f9c3e3f36a876d0ef940202f66820446b49b12901e9fc98c3

    SHA512

    a61fa262cf57232d74655ab99de314cdf481780054ebf13da81c5250dc6623b600e275e99191e236c4e1631fcf48ed426c932f66fc9f953520c01e72539117b2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    82e7c0d098134b61a4272fcc6dbd3867

    SHA1

    f85bc688b42c4cf17ebf90c3c0f90b5e342cd9ad

    SHA256

    0a29b9c710e9e7aab84b9b4ce017e01a4f5808ce4bfb1d6ad545d68b32cfbce7

    SHA512

    688ce7beaa4cce46102099cf68149e4a29cd91695a62e2f8f40dd3efa1c4778c1c6670b1ce8f5ea9a098332f805b1d870d30fb414a502544f6cb2ef59c293dc0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    cf6e212f7e1bf49d1d31ce7708d472fe

    SHA1

    4b66b98e92438e9c45d44b4d2747169238a9be39

    SHA256

    e1874e3e72df7c3a2458cb4004e5565a5e25d5083eca172baf5feeadd416e46b

    SHA512

    7b6f7a6d0ecd46ae32488705770ba04ae3fa81e67eaa644532822a4a1eb7b2e640feab099b1a1269ee69d5391bb731b3ec03a2e9625d3203c57d6d246a1d4c18

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    50a738dbf65df4e77ecaa448a1120a4a

    SHA1

    bbca8efa252cc5a19c2fff20cb4ec42c3747ed06

    SHA256

    a2c6496d7b3fad424857f26b8bb03af715a3abed31bc9c03e3e1cd5c2cbfbec0

    SHA512

    8718d165891be73a3bb188aded3f5abd6705dc4d0f24db938f8737a162f61ad743e0f50274ff83b41006ab1174f7c2663b5a3fc6dc715443e2aa4ccd9c78eb9d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    59574792c7dc319006d97faa8bdb6079

    SHA1

    f7d50fafc78106c5838115aa4ead2a4118e5532b

    SHA256

    0ae700ffd07e77670e1ed9a785ed505564f28d7076641c341cdbf63d4ca1942f

    SHA512

    916747acb02baf87d36d11c9b94b409d8d252e134cd2a9b22b5832b00b03e0222f250223a01470c407647c2d7d9ef8ea4656123b1d886112fe59f236eec782f0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    6c9247658bac58fe6e6f458e6ad9e93e

    SHA1

    01a6e27686ab04eb02f3561b61e868e17df327f6

    SHA256

    0e02d7da5aba6ce3be9ad7cf2b342adcf53c9ae954518ce1fb4586484ea3f832

    SHA512

    03e091f0c9b423561624bbba051369e56a6ed7c2c1f0707dcd683080d08b7a1665a8e5a5736684d1ed60752e417593abfc6d418e3a76e73d4d96a7184152a363

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    8446a7c10bbd9682fc841a26d7a9fe03

    SHA1

    25c5bb713c4bcaf41f7d463046cf5ac06751ab23

    SHA256

    599ae43bb6432e9dae44d86234b2ddf83e8001f922e9cb7078d04593c7bfdb57

    SHA512

    5e679a905672223adc177b64cee5b037ac0ed1c074ece23e3ff6bdd806db7d8ed58f30871076e074e14841d565232987c107b577f0033b5130aa028c607e3836

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    ebb3dd52d3e7044e56608a6fd47fdca1

    SHA1

    b5f707dd4b91ca162f4b69068ceffc027c09d40b

    SHA256

    71b3c9badad8135e189a9c7c9c699145f4bdfd3fae01ca7fd49c7d9fd224b92e

    SHA512

    63ef544c6b01e1565546f27e802f97e17d1b759ea5d7e553b28d1c2eab9869d2b8355e8a7fa8840e578296598aacb20fd216847b40f955168abfb303fa0a1888

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    f2d53d9fa73472e81f0f7ae0ddd3f7e8

    SHA1

    c1711ec07d70d62760cee057cf4a121db101b924

    SHA256

    c4e3c49723fe1169267f2342ae0041dd13068e7f4758ed7e251cc7d4a69c2fb7

    SHA512

    27a961b66790d90ee3ae1684b2422930041305120744815b304ab17eb671a10a5181cd1157636e30e1581c1b76a9c51a319010d1c08497d01d63b26f74d21d71

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    2121b078afe61ca1e8f838bcc4161d2c

    SHA1

    fe29610d7a7a014e0735ff1de3b3f130d01f0191

    SHA256

    d641b844c9199714b15c0170f8a940f0bce854476384c10294a00537cc36b1f8

    SHA512

    00c81ef3d04066d47c37a10027235207f5acd54fef3e1563bcc395b3ade4f256eeb2ba990e9df8a47f6b97fce3a10ecf4261583cc84d8472b0e6de78157e8eb2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    1a8948bcb7861e62da6078f258ec2c62

    SHA1

    05e71e7f11c769db5bba338ec0ce93948928d515

    SHA256

    e855dcf3f1712fa872d0f3b011e8564788433467176e959c667240417fb60482

    SHA512

    a7c5823799a423861195e0c587b05ab23258dc698bf099234688d1d4b69756943be68bca9cb9bf34dc93be846752655f28213c8a34d0aeb5b66d897af6cd11d8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    0f57847fba707718b2fedab19867eb80

    SHA1

    f0727d28788028cbaa1fe8141d9e34ec32fdb3c7

    SHA256

    591d015a3b6e47d51429b8cd71580ffb65121a2749031482538b5debfe7eb50d

    SHA512

    6bdf4bab02bc0edb729e57e8bdfba9d0cfbf7acdf03f51d3695158d2930061708e8dedd4661860ec0792d3f5c30c36a60cf01fbaa9290ecae82eb5d0768c6a7e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    2d9818deaabeb6bebb73e45292a6ac45

    SHA1

    8c54a426e51c41fcaf3c8dcc09d4a4d43846d8f8

    SHA256

    e5e4b6a6b094e7585f7840cfb0ca8d81f4b4855ca315e044fa1b2b9dc70c2790

    SHA512

    8f24236386268d22cec8e761e5282358370d68f8f3752eb7d22c7d3939fad3e1e23f3978c0626d47134d32a266d959995d9a12fffac97d031b9bece9259dfb33

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabD221.tmp
    Filesize

    61KB

    MD5

    f3441b8572aae8801c04f3060b550443

    SHA1

    4ef0a35436125d6821831ef36c28ffaf196cda15

    SHA256

    6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

    SHA512

    5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarD2C0.tmp
    Filesize

    163KB

    MD5

    9441737383d21192400eca82fda910ec

    SHA1

    725e0d606a4fc9ba44aa8ffde65bed15e65367e4

    SHA256

    bc3a6e84e41faeb57e7c21aa3b60c2a64777107009727c5b7c0ed8fe658909e5

    SHA512

    7608dd653a66cd364392a78d4711b48d1707768d36996e4d38871c6843b5714e1d7da4b4cc6db969e6000cfa182bcb74216ef6823d1063f036fc5c3413fb8dcf

    Download Submit