General

  • Target

    YouTube-Viewer_win_1.8.0.zip

  • Size

    34.1MB

  • Sample

    240605-tl3krabe9x

  • MD5

    131b1ca074dfc723512d25b4b26c4e8a

  • SHA1

    10de255b55b2cbf6d3f71ffd674816546bcbb58c

  • SHA256

    db8e962997404abce831cf3898325f1fad47069a2f2eb4b7441a3b5bda900ea8

  • SHA512

    1ed6bfca2ede55eacda5d8ef305df712b830c2706a156c9a68a2957b10a15bc54a346c205390966b6b078ec8aefcf3e0f399a3ad1b348e5bd8db9e7da330c745

  • SSDEEP

    786432:XbNcd4L/js2gvBr6sX/kq8PC7uHZ3pm/U9aWIvJ0a8wD/edAgBH:XbNTngvBrJvuRsOaWIvJ0a80eqg5

Malware Config

Targets

    • Target

      YouTube-Viewer_win_1.8.0.zip

    • Size

      34.1MB

    • MD5

      131b1ca074dfc723512d25b4b26c4e8a

    • SHA1

      10de255b55b2cbf6d3f71ffd674816546bcbb58c

    • SHA256

      db8e962997404abce831cf3898325f1fad47069a2f2eb4b7441a3b5bda900ea8

    • SHA512

      1ed6bfca2ede55eacda5d8ef305df712b830c2706a156c9a68a2957b10a15bc54a346c205390966b6b078ec8aefcf3e0f399a3ad1b348e5bd8db9e7da330c745

    • SSDEEP

      786432:XbNcd4L/js2gvBr6sX/kq8PC7uHZ3pm/U9aWIvJ0a8wD/edAgBH:XbNTngvBrJvuRsOaWIvJ0a80eqg5

    Score
    7/10
    • Loads dropped DLL

    • Target

      Readme.txt

    • Size

      1KB

    • MD5

      33e6728c4d96e904f29ffeaed21eb0fb

    • SHA1

      6b05a55b3925586a3afcfd3ae6e66636ea8e7518

    • SHA256

      06332532c5ec6c64f9a724de0b3da329b219f1d2ad1578d49dc005e3605ba204

    • SHA512

      8d571c4bb88a35a599984c904a59b4aacd90aa24ad2cb24b7da79b6b419b4cc036102eca7dbe802d97286a131d3cd1fd01982a19bbaacde9510886427886cfed

    Score
    1/10
    • Target

      extension/always_active.zip

    • Size

      37KB

    • MD5

      0ceb9740369f748f86010d51f3eb9170

    • SHA1

      820f44602f787245ef2218a195deb38ae73df26b

    • SHA256

      84f1af0dba759be55dbe3dd506cb9bca7a0b2a9af12ed65b373a0d213c7d3551

    • SHA512

      468dc98d54d6565b171700e1da7a16abb86ae3f64276266a27839106333daccb74738fe3976925c79a78444c7301be9730959e13704d8e86922dc47963fb2fb4

    • SSDEEP

      768:VmgYOdJEfHZbApo8tn/VTH3tViL/qkG1jV0aD8aWlOekzxJNgMLAyvU870rGV4ik:ANpfHZkp1tn/tHniL/tIGavWlxQxJesG

    Score
    1/10
    • Target

      background.js

    • Size

      350B

    • MD5

      a2c649e7f85b598966ddd035aec7ff3b

    • SHA1

      30fc61e34fdd4368f911d66fab32febe63c44c91

    • SHA256

      ded6bad6c08b7ab5b09dc236948132f15abb9417c8faa712dd5fd8e1ba1ccbb8

    • SHA512

      0a9f2b285462022eeccad578b22fcde61294f049f3721f5d0a28be704b6b2d35be8fb5a33fd427f0c8570fb0be84d21385fd61c9b78baecaa9430a040c058afe

    Score
    3/10
    • Target

      data/icons/128.png

    • Size

      4KB

    • MD5

      d6787715a7146355656cadf7309fb281

    • SHA1

      691207c1632d37df3fad2c2718e3b2bd92357afa

    • SHA256

      b0fb03a367939c0b22d1742e5d79e26033cb7685c1b5efd0e65e7a2f58d7e532

    • SHA512

      24ee8a6cc6a286b4f653c05506f195303a25cc2f1ee185b07af4a17258fab1d4bb8d8c06232eb64aa9ac80a12e5c8113a4ef3674ff6afa41631030893cf5d1bc

    • SSDEEP

      96:X6LKlLPGRRgYHoDgBXnxZ9+8BZYD9pJFszlpjRT:X4RReQK8Byxpbul9l

    Score
    3/10
    • Target

      data/icons/16.png

    • Size

      1KB

    • MD5

      258d928ab6fbf91277bc7dcb5a15ad59

    • SHA1

      1761283d667e2bcc4a103cebaa7dbe333847b204

    • SHA256

      04c94cea99b9e252b13e381e76ab5e014f4d3bfad22834603c49052d5784b607

    • SHA512

      d737f57a2522e9051116c8d5364d76755d31bad4e991137d0f4e1feecfce26846f8586d598779c859ffa821d2c7e650a1073100c587631fdaa80d62aa657e9f3

    Score
    3/10
    • Target

      data/icons/19.png

    • Size

      1KB

    • MD5

      56e7f619851bd1bf9ece432c46b1116c

    • SHA1

      aeb0c80601f2920a0a6fee1d6126853864ce2ad5

    • SHA256

      3f81e5a3be633b66b81a5f042f9c966454337fe89125dfe8fb1039311db6cc49

    • SHA512

      25dcbbab3ddb76522f19431c83abe31064e260ab73d4fce1abfb5cb17ed5820b5f72db008164fdb95a3b65015ac71a8528dc3c70dbdf097cbb55a970cb00cea5

    Score
    3/10
    • Target

      data/inject.js

    • Size

      2KB

    • MD5

      551b5da4a1e155fe2012f82e50b68500

    • SHA1

      5b9d41b5af29ebd9eba8452dbe57d7c8f1d6e411

    • SHA256

      6e057518e4755c045ee4bd3199998a920237f90f074aab256cfae0b05db9178b

    • SHA512

      08901118079c4f5a85e5748e2456e8e3fce213ef0230357bab1b65dda5739737b09ef72e44967918e3abfe99184a09a4794960e2bedf05e1586eafd8f847edce

    Score
    3/10
    • Target

      data/options/index.html

    • Size

      1KB

    • MD5

      9506e64d094d312e2088c800141ccdae

    • SHA1

      c56b7cd838b5dd2bd84a07db9027f608f8ba4d00

    • SHA256

      fba857260ecd685271990fbba79219e29d8fb3a010e1d9adbe14a28467eb2272

    • SHA512

      e4cc00dc6576d9171634a0fc587672b26afa9837828521d7435df39da9011f07ef75d3bec98641866ed2908b294ae7776228bead60dbaeadd4137f7f8f6310d1

    Score
    4/10
    • Target

      data/options/index.js

    • Size

      2KB

    • MD5

      12628bc4b4de59dae75f32a431d28c06

    • SHA1

      9c62637ccd55b39037162a042ba10945ab6193ae

    • SHA256

      0c7937f149b2e8fc5fada8f89a96548072d0ec3b6b5cb5aacdac2c1fba59cc05

    • SHA512

      4056a0f2d8ab31db3f754b3e7fb94fe99cff10ec0c2f6b27a0f733941db92487afae518117d335f65519b75bfb90ec518b315f228b0ba0786b7f8c9f3e87de4d

    Score
    3/10
    • Target

      extension/custom_extension/Readme.md

    • Size

      102B

    • MD5

      ccbd9e3934952c0428633e0629a902a0

    • SHA1

      f7f2b1cf0dd24a92fa66b5076dc188cbf15149cb

    • SHA256

      def699d1bfa32eb4b2b633a5f451de569e63182afb7fe786e17ffffe4ea6f51a

    • SHA512

      931f45b716f7858a15e0606b944b86b9c4f5ecf2e2f851d0e19a7a2b8f0744a60f2b6ef945b766a96e78e45ae94b9861f793a2a471b0b5ac6aa76be36052a43d

    Score
    3/10
    • Target

      extension/fingerprint_defender.zip

    • Size

      5KB

    • MD5

      4b4051ac446c9576a7f4ae08857995dc

    • SHA1

      761054d7c6382a234cfe8966083e092fc7fc55aa

    • SHA256

      55630349a00676707036a4b4e93e396cfc3e0a48c0c52cd3a9983b4dc5381b96

    • SHA512

      c969901f38503c5d1d20a34e45fd7636d7c339215d754176b79771dab731c3aaadede6cb40993210cd5e3b4dba0f538361ab2c0aa57fd924d030570b2cc916dc

    • SSDEEP

      96:pVt2AvZZpANl/9LYOKyDhRjr7XIqRO2tFKDsETcTm+cFM1O:Dt2AvZZ2NlZThDD7NErcTNr1O

    Score
    1/10
    • Target

      audiocontext.js

    • Size

      7KB

    • MD5

      7877b7c00d3952178a49b48f9a806333

    • SHA1

      d07ea1e1048d5439bed72c4505706561be3e63ac

    • SHA256

      ece0ee85dacdaa28d6eb4c4525a51da98ddc690e23c5e286ca224c25a6e2a8a9

    • SHA512

      df9a1026d8a872159a817400098822c8de18b30f3ede42fc15748d9748df13030d20aae94dae971752aa97cf5410849346b9eba826a562a9e086026f037a8032

    • SSDEEP

      192:b+xo6C8uTYnbjOJWitf4gCAfiU3fLVqhCqZCq/Cqyas:b+66C1YuegC+

    Score
    3/10
    • Target

      canvas.js

    • Size

      3KB

    • MD5

      b459be8af4c3066c35e43ad074ac8876

    • SHA1

      bcce6db83cabd2b8b2270a0a80b1c3f1d1988bea

    • SHA256

      2f5a39d4c87c79e3538331f2cdd1dc6919e4e91c78c4c3afbbb17522c8d351e9

    • SHA512

      10397868e93c0f0fc4f361b527a3237d68f1338123beb972285d10b5b94196f72b40ce930d88a92ed6b5e835abab84cb04fcf547bc8ce3c350a071acb853287f

    Score
    3/10
    • Target

      font.js

    • Size

      2KB

    • MD5

      c1b6acd7866ad1737ac147f004f5deff

    • SHA1

      e31bbe8927e6d57591eda31cc9878c3c0edb7868

    • SHA256

      28e101c02971a4bde1ea6472a151348055f0d45f146460fd7e75b513bbf74562

    • SHA512

      2195e33b8bdb0da8711baa7eda7901947b1926cfecb9e43fb2745c343dfbe8b51247496702e7fc55a009760625f3677d58f1373b4cc4c41bb4c21a8eb998d49a

    Score
    3/10
    • Target

      webgl.js

    • Size

      7KB

    • MD5

      1c9d7d4b39bb2d4b6ce65a54a1d3763b

    • SHA1

      9e04de6241ceeff7fccd53bd66997150ed487c28

    • SHA256

      81bbeb67c006c92c84e884d377e4d5bb7eee1d7e36753ff0579408aaa59ef598

    • SHA512

      568f410c63f93df40112aa0734cd938834317d206215239f4c14ad1e1586b5818aea05e5e34083acdfa568b1dfce7668740cce4134959684af0616c32f252fa2

    • SSDEEP

      96:4mdhQld7AKKGvsRUwxCjL8oE0HFgwrCy9DWtYIXSOBzmaNGr:4mdal+vGvsRbKZfrCy9DOXSOBzmas

    Score
    3/10
    • Target

      extension/webrtc_control.zip

    • Size

      44KB

    • MD5

      bf4cfb8e055ab28b1f929d52c1380554

    • SHA1

      4291f943d842900f704721ad6ec82bc8911b4724

    • SHA256

      c7a914f9c833733b91527f5337ee8511dd0a499c860b31a2a2ccc174fee7940c

    • SHA512

      6d82e73ebaee43aa95cb4e28deadf2772503b2b9e848d557ee73d31ff5495e9fafbe6797b26b78d8312a781bc23a1c6adbf202f4a6b61daa38d0fbe79aa133d3

    • SSDEEP

      768:r3nGIa/uKO414po9pqLuFckNA0bu5Dpsp8+fYrfl8c6FtgbzxjnCCf2S6:rXGIaGO1rwIz9PRc6Ftg3xjC

    Score
    1/10
    • Target

      background.js

    • Size

      131B

    • MD5

      90f3abfd9b8be4ccc6501635dabdc526

    • SHA1

      e01447c6dced1b28e35e3ea0fd1210d9b6ff0747

    • SHA256

      7bd4a1d58a9b69ce634b211e5487e97cfd49a9a7fe5600e3f77972e74718f909

    • SHA512

      7e4ad2fc4b3dc9c0e2a8d06d04278d41db7865df6ad2ae893b0de117094321578882609bae57c63267146df5ad587b59e462fad22c7006bd6155a7bab26c6299

    Score
    3/10
    • Target

      data/content_script/inject.js

    • Size

      1KB

    • MD5

      12d932545cb7be0d325086806d1e6be0

    • SHA1

      bede6497f2673e9a8bad9dd1635a8fe7d1522604

    • SHA256

      6a74596a9c7525aeae9b2745ae6fcb7ee64fee7e8d938e7e8b1eb6c553c9304c

    • SHA512

      cfe02070215d57a7047f3b86d13c40333c76f6b30ee87fadca7ec8bbef8dbeb5692d49f5375246b4d03c8c5bc088ab9ceb0250e7fae05651d6590c6974886e8e

    Score
    3/10
    • Target

      data/content_script/page_context/media_devices.js

    • Size

      196B

    • MD5

      d51c2aa2480e240e8037a0df77f45145

    • SHA1

      b33f581d048ced33e672ab8ecb58b650fa70ed21

    • SHA256

      1003b43b07522571782d1c36129d2603defae459e88c4c1d44bb169f4874d653

    • SHA512

      a4b417f4de081ecb4d4c0e1ec749f0e0eeef8762cafa92f0f72ef53da31810d423af36aa0cad135d3209f3c9ee3485d9123491b272acb13086c32f3b62c0233f

    Score
    3/10
    • Target

      data/content_script/page_context/support_detection.js

    • Size

      1KB

    • MD5

      9489da3e26b297d4e3eb28d22d082c75

    • SHA1

      4be830b0569ee5430101c685e6b5bac7058246fc

    • SHA256

      f8040151cc9659414cb9bc6079fdf5abc81b1eec1e824ff53cbaa23786d4d381

    • SHA512

      8616de4e3585baaa07db0acebc3370bcd6cb4350d89746cf4f049d0221a3b52dc79f309409f87c982968f8d03e703153d41b613d9a2ffb9a110872972334f051

    Score
    3/10
    • Target

      data/options/options.html

    • Size

      2KB

    • MD5

      7e1cd101de9d43c0be78f1b65bd2d78f

    • SHA1

      21d8a3cf1c8677fae534a7001d84529ea3976cd1

    • SHA256

      87323a46df7d393281c70efb19808a728370707195ab35b37de16104745cb555

    • SHA512

      72f0256eee2cb71df383aaf130a132c340fe7f88862477fa1288607a2bad5a213e0b41d7b96cc25eaeb75ca23ac5c4d85a6a679b319cfe1ee169a9ccabbb4d3b

    Score
    4/10
    • Target

      data/options/options.js

    • Size

      2KB

    • MD5

      7f6f964acd6e204e371c9aa8bc623b1b

    • SHA1

      deb6317ff78e698f019262543576aa0b7f9fefbb

    • SHA256

      3c356c6ee7ef041572caee6409f98724080ee5067ae7dd8017670614e4942777

    • SHA512

      30b40f63f5a70b61803fef18df2c5b60b8cf69e2ce601d7b7b78ad076003219967a6c8771934da7794a259942cfcbff72c89d50598048725d6ed05da481b5455

    Score
    3/10
    • Target

      lib/chrome.js

    • Size

      6KB

    • MD5

      bb6661239e477d1bf186bf340305e9bf

    • SHA1

      c2d7e75b034819d36b5a39596bb947247b046c3d

    • SHA256

      9f1cae11f95566f366425820eb01740889658b4cd38a0e508d0bec5ebb16b3d0

    • SHA512

      b742da91e780f5f057af72f556ea830da57e977cb753d4dea6aded180c5eaff4ad04df3cd11a9846819c12569a856a0052983a28f364ad7b491a2a8cf1aff509

    • SSDEEP

      96:eQOwKuvphBF+xqQT0uQcZG0xMAUO5gWG+XyDEM:75RqxqQT0uPZrCAUO5gYVM

    Score
    3/10
    • Target

      lib/common.js

    • Size

      2KB

    • MD5

      76b3a9374835ac7b35d0038ebfc045b0

    • SHA1

      7d744a66f0242ca7d1d6950a7fe1e9b2c71d27a4

    • SHA256

      ce7f99debf806c50474b809eba38babc9d3cf8915b3ff51da718be5867dc2377

    • SHA512

      47714ed43a543b9a49e3cfe44d11b7f83687129a3d6510a550fbc47da8672ee591020f45ce9214a670bf1637c32cba7ed84a8d5aaeed57d8404969b82b344250

    Score
    3/10
    • Target

      lib/config.js

    • Size

      1021B

    • MD5

      094b97a86982fa7cf6839cf5eabeb2a4

    • SHA1

      ad5b76e51fd005aff47349c249f3fb69d1013568

    • SHA256

      6629c431b5b45faa47e4bfb26a2c552e1d05effb72519676374b7faaafaea054

    • SHA512

      ed97efb988bfef0dc01ddc3df130223440615c24781edcec55fee7583d458190c5a1395bacbce70b36611558e1869818fbc3973ded92eba34192deb0efe35371

    Score
    3/10
    • Target

      lib/runtime.js

    • Size

      2KB

    • MD5

      0ce35ff0f56cbafc7a9077dba9232886

    • SHA1

      4cea42e922b3f6f97a6799b61a7b0ca6e2c49e2a

    • SHA256

      6596f1c7e20778c5328a17c507a93ede8827a492733c793f878e79db613ec44d

    • SHA512

      96aafc35287732919e0aa09a335822afdcfef51179674a7754152d0dfec1f49d80beadce9afdc4c2197d48e311ccec045b71c06d42fb1ba32212d2f6cdaadaa2

    Score
    3/10
    • Target

      killdrive.bat

    • Size

      78B

    • MD5

      0e9d25e12331e23e5c20e0256b139361

    • SHA1

      34e8b8ba2b0b5d19efe0735269f5b09b283c7075

    • SHA256

      1083a21b34a0fc0fcce343213aac68161c9a04d7873ec5f7c8d8f4437b7f956f

    • SHA512

      da669a19d75062f6796dc61b5524b906434be4763674e31ad289f1cc84ff1fc0bf6cdbe4cf42890c708377a6f55fdad8402337e15162e89c616b32f2dbe7b315

    Score
    1/10
    • Target

      proxy_check.exe

    • Size

      9.1MB

    • MD5

      d56922bbcc712e596f864d70a857f281

    • SHA1

      b8e6e46003e0a2ea411cb07310db84c8629276d8

    • SHA256

      c330ba9970db91edc3e2c9f8f889cfce2ab3dd32c6595cb00c0a5efa7bc826cf

    • SHA512

      237a0a0fb012cf09fdddc7354c0ce92c89cc922ac475eacf0544f1f4322571cd09b0df7c9f4482c6c3b63193c2046f50d452055c01163a704eb77861371a4072

    • SSDEEP

      196608:5aiAV2QsyH3zEPmvdsCncpgomn9VHGDsSCOAp6fj7H:1OnzJvaCncpH07m+OBf

    Score
    7/10
    • Loads dropped DLL

    • Target

      search.txt

    • Size

      196B

    • MD5

      3897c0a715ba928d950daceaf6f1efcb

    • SHA1

      e089bd2c2833fcef1c22b291f6f43dfbda6d4334

    • SHA256

      f016b55631fd529b3c36ab5b619cbca4aeeabfa42180f541ec2a625a46f7298f

    • SHA512

      7fa2c0efa45cebe6a869035be97eb72171778858b3abd2386a4114c9c2c3f2ccdedb2ed590e4b5b378fd54934566c5d5468876600d4958cc4fe135f8bfacb79a

    Score
    1/10
    • Target

      urls.txt

    • Size

      100B

    • MD5

      77c013e4372e091f18185584b5041742

    • SHA1

      b3928c0096d371eee2787132afa740ff9b97b081

    • SHA256

      2338a06a68f5f5d1ed3d89345a1f502cec63dbe2ee419fd83a7084f5eed4ae03

    • SHA512

      764f2d981eca850b36719c5dcec01f8bd2aa38bb6d9cca44cead32fac308e27af0be48048cfa53649fe5fd3436fb9d2856feb2b5c30efbcacf4fdf664ed130a7

    Score
    1/10
    • Target

      youtube_viewer.exe

    • Size

      25.9MB

    • MD5

      0c8a52a9de9fed310429aa73968777a8

    • SHA1

      f96dfb073b9eff5d7e3a595df304226600c1189d

    • SHA256

      c11ad889c5cf256c522f477ee316439c35a46a596daa38a5faf61e545102fac9

    • SHA512

      d1c2f30429c2f76b31600562c2eb29e3c1a6c886ae4c42c3b9de8232c6e8237a1d2e76b78d5d51823415b3861d0be44a9345fa4eab7002771c5c5a408777710b

    • SSDEEP

      786432:u4NiCndKpH07C7ADgwNG22N9t6eLENzx0K:u4NiMYAkoG22ND6eL0x0

    Score
    7/10
    • Loads dropped DLL

MITRE ATT&CK Enterprise v15

Tasks

static1

pyinstaller
Score
3/10

behavioral1

Score
7/10

behavioral2

Score
1/10

behavioral3

Score
1/10

behavioral4

execution
Score
3/10

behavioral5

Score
3/10

behavioral6

Score
3/10

behavioral7

Score
3/10

behavioral8

execution
Score
3/10

behavioral9

Score
4/10

behavioral10

execution
Score
3/10

behavioral11

Score
3/10

behavioral12

Score
1/10

behavioral13

execution
Score
3/10

behavioral14

execution
Score
3/10

behavioral15

execution
Score
3/10

behavioral16

execution
Score
3/10

behavioral17

Score
1/10

behavioral18

execution
Score
3/10

behavioral19

execution
Score
3/10

behavioral20

execution
Score
3/10

behavioral21

execution
Score
3/10

behavioral22

Score
4/10

behavioral23

execution
Score
3/10

behavioral24

execution
Score
3/10

behavioral25

execution
Score
3/10

behavioral26

execution
Score
3/10

behavioral27

execution
Score
3/10

behavioral28

Score
1/10

behavioral29

Score
7/10

behavioral30

Score
1/10

behavioral31

Score
1/10

behavioral32

Score
7/10