0cd8e61fc0ffafaacd189835c1941ed0eb531cef905a38e9f8f1ce102adb5143

Submit
Reports

Overview

overview

Static

static

Payload/Yo...lderis

macos-10.15-amd64

Payload/Yo...strate

macos-10.15-amd64

Payload/Yo....dylib

macos-10.15-amd64

Payload/Yo...ts.pdf

windows7-x64

Payload/Yo...ts.pdf

windows10-2004-x64

Payload/Yo...elp.js

windows7-x64

Payload/Yo...elp.js

windows10-2004-x64

Payload/Yo...dge.js

windows7-x64

Payload/Yo...dge.js

windows10-2004-x64

Payload/Yo...dge.js

windows7-x64

Payload/Yo...dge.js

windows10-2004-x64

Payload/Yo...mework

macos-10.15-amd64

Payload/Yo...ler.js

windows7-x64

Payload/Yo...ler.js

windows10-2004-x64

Payload/Yo...t.html

windows7-x64

Payload/Yo...t.html

windows10-2004-x64

Payload/Yo...t.html

windows7-x64

Payload/Yo...t.html

windows10-2004-x64

Payload/Yo...ser.js

windows7-x64

Payload/Yo...ser.js

windows10-2004-x64

Payload/Yo...ser.js

windows7-x64

Payload/Yo...ser.js

windows10-2004-x64

Payload/Yo...ent.js

windows7-x64

Payload/Yo...ent.js

windows10-2004-x64

Payload/Yo....dylib

macos-10.15-amd64

Payload/Yo....dylib

macos-10.15-amd64

Payload/Yo....dylib

macos-10.15-amd64

Payload/Yo....dylib

macos-10.15-amd64

Payload/Yo....dylib

macos-10.15-amd64

Payload/Yo....dylib

macos-10.15-amd64

Payload/Yo....dylib

macos-10.15-amd64

Payload/Yo....dylib

macos-10.15-amd64

Analysis

max time kernel
137s
max time network
210s
platform
macos_amd64
resource
macos-20220504-en
resource tags

arch:amd64arch:i386image:macos-20220504-enkernel:19b77alocale:en-usos:macos-10.15-amd64system
submitted
04-10-2023 01:01

Sharing

Copy URL

Twitter E-mail

Static task

static1

pdf evasion

1 signatures

Behavioral task

behavioral1

Sample

Payload/YouTube.app/Frameworks/Alderis.framework/Alderis

Resource

macos-20220504-en

macos-10.15-amd64

0 signatures

150 seconds

Behavioral task

behavioral2

Sample

Payload/YouTube.app/Frameworks/CydiaSubstrate.framework/CydiaSubstrate

Resource

macos-20220504-en

macos-10.15-amd64

0 signatures

150 seconds

Behavioral task

behavioral3

Sample

Payload/YouTube.app/Frameworks/DontEatMyContent.dylib

Resource

macos-20230831-en

macos-10.15-amd64

0 signatures

150 seconds

Behavioral task

behavioral4

Sample

Payload/YouTube.app/Frameworks/Module_Framework.framework/Edit_Resources.bundle/Assets.pdf

Resource

win7-20230831-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral5

Sample

Payload/YouTube.app/Frameworks/Module_Framework.framework/Edit_Resources.bundle/Assets.pdf

Resource

win10v2004-20230915-en

windows10-2004-x64

5 signatures

150 seconds

Behavioral task

behavioral6

Sample

Payload/YouTube.app/Frameworks/Module_Framework.framework/GHKContactUsResources.bundle/get_help.js

Resource

win7-20230831-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral7

Sample

Payload/YouTube.app/Frameworks/Module_Framework.framework/GHKContactUsResources.bundle/get_help.js

Resource

win10v2004-20230915-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral8

Sample

Payload/YouTube.app/Frameworks/Module_Framework.framework/GHKMainWebViewJS.bundle/main_view_js_bridge.js

Resource

win7-20230831-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral9

Sample

Payload/YouTube.app/Frameworks/Module_Framework.framework/GHKMainWebViewJS.bundle/main_view_js_bridge.js

Resource

win10v2004-20230915-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral10

Sample

Payload/YouTube.app/Frameworks/Module_Framework.framework/GHKSearchResultWebViewJS.bundle/search_result_page_js_bridge.js

Resource

win7-20230831-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral11

Sample

Payload/YouTube.app/Frameworks/Module_Framework.framework/GHKSearchResultWebViewJS.bundle/search_result_page_js_bridge.js

Resource

win10v2004-20230915-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral12

Sample

Payload/YouTube.app/Frameworks/Module_Framework.framework/Module_Framework

Resource

macos-20220504-en

macos-10.15-amd64

0 signatures

150 seconds

Behavioral task

behavioral13

Sample

Payload/YouTube.app/Frameworks/Module_Framework.framework/RedirectLandingMessageHandler.js

Resource

win7-20230831-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral14

Sample

Payload/YouTube.app/Frameworks/Module_Framework.framework/RedirectLandingMessageHandler.js

Resource

win10v2004-20230915-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral15

Sample

Payload/YouTube.app/Frameworks/Module_Framework.framework/SUPSupportContentResources.bundle/ColorThemedCSSFormat.html

Resource

win7-20230831-en

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral16

Sample

Payload/YouTube.app/Frameworks/Module_Framework.framework/SUPSupportContentResources.bundle/ColorThemedCSSFormat.html

Resource

win10v2004-20230915-en

windows10-2004-x64

5 signatures

150 seconds

Behavioral task

behavioral17

Sample

Payload/YouTube.app/Frameworks/Module_Framework.framework/SUPSupportContentResources.bundle/RenderedContentFormat.html

Resource

win7-20230831-en

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral18

Sample

Payload/YouTube.app/Frameworks/Module_Framework.framework/SUPSupportContentResources.bundle/RenderedContentFormat.html

Resource

win10v2004-20230915-en

windows10-2004-x64

5 signatures

150 seconds

Behavioral task

behavioral19

Sample

Payload/YouTube.app/Frameworks/Module_Framework.framework/SUPSupportContentResources.bundle/SearchResultsParser.js

Resource

win7-20230831-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral20

Sample

Payload/YouTube.app/Frameworks/Module_Framework.framework/SUPSupportContentResources.bundle/SearchResultsParser.js

Resource

win10v2004-20230915-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral21

Sample

Payload/YouTube.app/Frameworks/Module_Framework.framework/SUPSupportContentResources.bundle/SurveyContactFormParser.js

Resource

win7-20230831-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral22

Sample

Payload/YouTube.app/Frameworks/Module_Framework.framework/SUPSupportContentResources.bundle/SurveyContactFormParser.js

Resource

win10v2004-20230915-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral23

Sample

Payload/YouTube.app/Frameworks/Module_Framework.framework/WebViewComponent.js

Resource

win7-20230831-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral24

Sample

Payload/YouTube.app/Frameworks/Module_Framework.framework/WebViewComponent.js

Resource

win10v2004-20230915-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral25

Sample

Payload/YouTube.app/Frameworks/YTABConfig.dylib

Resource

macos-20220504-en

macos-10.15-amd64

0 signatures

150 seconds

Behavioral task

behavioral26

Sample

Payload/YouTube.app/Frameworks/YTNoCommunityPosts.dylib

Resource

macos-20230831-en

macos-10.15-amd64

0 signatures

150 seconds

Behavioral task

behavioral27

Sample

Payload/YouTube.app/Frameworks/YTUHD.dylib

Resource

macos-20230831-en

macos-10.15-amd64

0 signatures

150 seconds

Behavioral task

behavioral28

Sample

Payload/YouTube.app/Frameworks/YTVideoOverlay.dylib

Resource

macos-20230831-en

macos-10.15-amd64

0 signatures

150 seconds

Behavioral task

behavioral29

Sample

Payload/YouTube.app/Frameworks/YouMute.dylib

Resource

macos-20220504-en

macos-10.15-amd64

0 signatures

150 seconds

Behavioral task

behavioral30

Sample

Payload/YouTube.app/Frameworks/YouPiP.dylib

Resource

macos-20220504-en

macos-10.15-amd64

0 signatures

150 seconds

Behavioral task

behavioral31

Sample

Payload/YouTube.app/Frameworks/YouQuality.dylib

Resource

macos-20230831-en

macos-10.15-amd64

0 signatures

150 seconds

Behavioral task

behavioral32

Sample

Payload/YouTube.app/Frameworks/YouTubeDislikesReturn.dylib

Resource

macos-20230831-en

macos-10.15-amd64

0 signatures

150 seconds

Report Analysis Logs

General

Target

Payload/YouTube.app/Frameworks/YouMute.dylib
Size

66KB
MD5

3b0367a6f758b42f92dde5ce68912cf2
SHA1

73dbd39dce8c2d28316fb2150fbf3ed229a1ab95
SHA256

732921b77c99fe930b5210076eaa7c9251015e9a233f516f513e92e7024249f2
SHA512

82c015f426d7994c9c248ba8787a63c784a4e62b67d644db103ab58b5d71ee5a4661ccbe1ab90090666ab97b96dca288dd4c636dd31dee73307bfa6062dab2d3
SSDEEP

192:4pp3q9fpMGyDImR/j7qARMpaq8cwnkKkB4xOCa:a3qrxyImh3Yqco6sO

Score

1^/10

Malware Config

Signatures

Processes

/bin/sh
sh -c "sudo /bin/zsh -c \"/Users/run/Payload/YouTube.app/Frameworks/YouMute.dylib\""
1⤵
PID:525

/bin/bash
sh -c "sudo /bin/zsh -c \"/Users/run/Payload/YouTube.app/Frameworks/YouMute.dylib\""
1⤵
PID:525

/bin/bash
sh -c "sudo /bin/zsh -c \"/Users/run/Payload/YouTube.app/Frameworks/YouMute.dylib\""
1⤵
PID:525

/usr/bin/sudo
sudo /bin/zsh -c /Users/run/Payload/YouTube.app/Frameworks/YouMute.dylib
1⤵
PID:525

/usr/bin/sudo
sudo /bin/zsh -c /Users/run/Payload/YouTube.app/Frameworks/YouMute.dylib
1⤵
PID:525
- /bin/zsh
  /bin/zsh -c /Users/run/Payload/YouTube.app/Frameworks/YouMute.dylib
  2⤵
  PID:526
- /bin/zsh
  /bin/zsh -c /Users/run/Payload/YouTube.app/Frameworks/YouMute.dylib
  2⤵
  PID:526
- /Users/run/Payload/YouTube.app/Frameworks/YouMute.dylib
  /Users/run/Payload/YouTube.app/Frameworks/YouMute.dylib
  2⤵
  PID:526
- /Users/run/Payload/YouTube.app/Frameworks/YouMute.dylib
  /Users/run/Payload/YouTube.app/Frameworks/YouMute.dylib
  2⤵
  PID:526

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads