Overview

overview

7

Static

static

3

Youtube botter.exe

windows7-x64

7

Youtube botter.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    93s
  • max time network
    94s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240704-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240704-enlocale:en-usos:windows10-2004-x64system
  • submitted
    05/07/2024, 15:46

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    Youtube botter.exe

  • Size

    12.1MB

  • MD5

    e599454f688899ee5ece73a98089bac7

  • SHA1

    dbae745f11af480142d0f3758c0254f4c85bcf4a

  • SHA256

    49309647eaf3050e19f6ea458ad908d78655d6a1afe9697b09423e53fd4c7767

  • SHA512

    cf65a1b64a7791c8d4c3d95b1ed57ff97cdaadb5ccf0cea80d2eaef8de24dc6ddc11c2e4a1947c2fc9a7f5517f247c728c8ea8661f701a75644e3fbef0cd2b37

  • SSDEEP

    393216:Qt1l7QAUWJO5kRCXVmrPtN3ZWN9yh11UN:YMAU+Ou2mrPtN35X1U

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 16 IoCs
  • Suspicious use of WriteProcessMemory 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\Youtube botter.exe
    "C:\Users\Admin\AppData\Local\Temp\Youtube botter.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:384
    • C:\Users\Admin\AppData\Local\Temp\Youtube botter.exe
      "C:\Users\Admin\AppData\Local\Temp\Youtube botter.exe"
      2⤵
      • Loads dropped DLL
      PID:2248

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\Local\Temp\_MEI3842\VCRUNTIME140.dll
          Filesize

          87KB

          MD5

          0e675d4a7a5b7ccd69013386793f68eb

          SHA1

          6e5821ddd8fea6681bda4448816f39984a33596b

          SHA256

          bf5ff4603557c9959acec995653d052d9054ad4826df967974efd2f377c723d1

          SHA512

          cae69a90f92936febde67dacd6ce77647cb3b3ed82bb66463cd9047e90723f633aa2fc365489de09fecdc510be15808c183b12e6236b0893af19633f6a670e66

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\_MEI3842\_bz2.pyd
          Filesize

          82KB

          MD5

          70a3a9e6d086a965bd164eb171f3f537

          SHA1

          a85dea115761d8a85ea08004fa65d975bbf37fdc

          SHA256

          5294b29c8130bad79b0a4ba9007f076843ebd35df6317b90ec9822f0ba3d8b57

          SHA512

          447937793cbbe64025db3f3a51cc2124fc73a418aa690db1ff5290edd4deac6a34d894653a33356e1d7ea3fdfcde801c9daa00873c0409d2223217d403c954a0

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\_MEI3842\_ctypes.pyd
          Filesize

          121KB

          MD5

          9082abcff2c89a406e7eddc1a1d4afd9

          SHA1

          b114950c87dd1c544cf02704f5164a315993a716

          SHA256

          591392e5c488defdcfb179bc0db96504577e2122370ae480e840a90d53ce3f44

          SHA512

          3176d9898c77bb766679242c9667516868b25eadf59d7b92fe751d3bb81a9f4b68472df0d6234b159f27ca1503de29f574bd09b072cd38f503c8d5348d9dd4f5

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\_MEI3842\_hashlib.pyd
          Filesize

          44KB

          MD5

          c5a8b85ea3d0e8a04aac2df10796db2b

          SHA1

          3a9bf3024bacd0fff0e8c31d1d713ea1434cfd98

          SHA256

          fe504d5ac91f335300654dc978dbf85be18843be6f834359cd768618650f2dc7

          SHA512

          6f23eab6b26f034dcf92346afd7ab7108f81b90f10a3da3d7fd92116ff066ed42bdcf6bb8430c4b5f9ef2d53d25ea8c7d678cc5c8acd61ecaf79b911d54e07ca

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\_MEI3842\_lzma.pyd
          Filesize

          246KB

          MD5

          24919c42c43d9ef08d4e372c339d9e47

          SHA1

          4ed83cdab8830605a7bb75cb03a5764b8ee5c886

          SHA256

          d8e4150517435b30913f4016df052dc7409d0e2b69b5f24333c274d504c4633f

          SHA512

          d2b8a9eed20e27390b47b23140feac340cf448c5c4b5deefe3e42f91e1b3482be1cffa5499b0c062e36ecea8990bea2523dbbef58acc816d3a0f89eddbab5ff1

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\_MEI3842\_queue.pyd
          Filesize

          27KB

          MD5

          bf3fa2b64a6926e1591165e8cafa3070

          SHA1

          7692b3d4ef92e5ddd950c1c9ff58ed17d41f5365

          SHA256

          2f7dc8e53748c028a8ac129ff2b5b14d9cd231cafcf26167965a60839e46a070

          SHA512

          40e8849f3d9bbcf9b3f0d2ecde22e5a117a12358c3097c652a6cae3fe0e346b6eb997df2c304a6fabc82594ddcc4cc15288f59a8a4688cff67b592811e06f1ac

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\_MEI3842\_socket.pyd
          Filesize

          77KB

          MD5

          458f0f0ed8d16019d7c2d157bddea94b

          SHA1

          d21848e4ebafac0b9e9ca8d71e4f8cd2b5aaca57

          SHA256

          e6bdbe5d5d66c9790e490f6dbb695ca87a9acffa51c4a37d2948b7f1ba2c8b42

          SHA512

          00eb3c535a0074765f146523b0bb6f16360609a13a38579b19a2635590c2d947c5eaa7e78e7a9324b3670c505d6310e75e78f7e6fdadc23aa12ad165bdfccc69

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\_MEI3842\_ssl.pyd
          Filesize

          116KB

          MD5

          486431c1032139d202565800a0729a3b

          SHA1

          0c43a02f1ba3162033410926fe4b22fe79ed81f1

          SHA256

          3dce8bd61cc46761033cd1457c64fe66ff306ea77aadf5543834a9be3b50c074

          SHA512

          4906d70e76ee1dc308027662613b29872f1c97f3e6390c913f1bb456c7be172989f6d1c5671500c23e7d5d054281e10de8d822350aa5606b73d7518b7c4beabe

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\_MEI3842\base_library.zip
          Filesize

          767KB

          MD5

          561b08a3a24e0bdc60fc255ce2e6b045

          SHA1

          f85123b8f24780b282caffb11c6ef1f2dc28a1f6

          SHA256

          4da962b10575acd6574666c6d829011ec0583f458302a3861a427053a168974e

          SHA512

          22489ed93789d83c3869fa56edfa72494431b44c00e0b0708da6e9b8334e8bc507c4e45a4e2a690f66fdabd1be5f073ebe283aa5c8ec7a31bf83783f839f6e90

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\_MEI3842\libcrypto-1_1.dll
          Filesize

          3.2MB

          MD5

          bf83f8ad60cb9db462ce62c73208a30d

          SHA1

          f1bc7dbc1e5b00426a51878719196d78981674c4

          SHA256

          012866b68f458ec204b9bce067af8f4a488860774e7e17973c49e583b52b828d

          SHA512

          ae1bdda1c174ddf4205ab19a25737fe523dca6a9a339030cd8a95674c243d0011121067c007be56def4eaeffc40cbdadfdcbd1e61df3404d6a3921d196dcd81e

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\_MEI3842\libffi-7.dll
          Filesize

          32KB

          MD5

          eef7981412be8ea459064d3090f4b3aa

          SHA1

          c60da4830ce27afc234b3c3014c583f7f0a5a925

          SHA256

          f60dd9f2fcbd495674dfc1555effb710eb081fc7d4cae5fa58c438ab50405081

          SHA512

          dc9ff4202f74a13ca9949a123dff4c0223da969f49e9348feaf93da4470f7be82cfa1d392566eaaa836d77dde7193fed15a8395509f72a0e9f97c66c0a096016

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\_MEI3842\libssl-1_1.dll
          Filesize

          670KB

          MD5

          fe1f3632af98e7b7a2799e3973ba03cf

          SHA1

          353c7382e2de3ccdd2a4911e9e158e7c78648496

          SHA256

          1ce7ba99e817c1c2d71bc88a1bdd6fcad82aa5c3e519b91ebd56c96f22e3543b

          SHA512

          a0123dfe324d3ebf68a44afafca7c6f33d918716f29b063c72c4a8bd2006b81faea6848f4f2423778d57296d7bf4f99a3638fc87b37520f0dcbeefa3a2343de0

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\_MEI3842\python38.dll
          Filesize

          4.0MB

          MD5

          9e3ded73b6263b671a1d6c98256b721a

          SHA1

          814045f7a2be0ab7a8d34dc8156ba9ca06253ab9

          SHA256

          215e4f42658a1ba952197a3973ebafd2cd1d40a41c335ae376feacbcf5b04e87

          SHA512

          8323ffb40bbaee89b1a3f1a160a24776394591ed21dc63ccb82bece7b9a1fdc2c10404eb9f3f94bae730c57bdfd99210f67a532f789f5e5c5ea14fe76b3ad05b

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\_MEI3842\select.pyd
          Filesize

          26KB

          MD5

          ac8caceeaa28137a14784563d126ed7e

          SHA1

          4dcbe48eaa53d5c7d91c420df823dbff54f4da5f

          SHA256

          8e6d1a33b16dcc3922f7159a30ff596194a59b4a8fb5f9864517f03fd19f2c78

          SHA512

          b67bff989af102f5087d95993e9bd57c6808e401979707bc2d33b386326b964abb71f497d82747725fb040a1d337ee453a1d57c37b72fdc06f7ea7687dda8f12

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\_MEI3842\ucrtbase.dll
          Filesize

          983KB

          MD5

          2beb4237716a28beee2b3dde3dff292f

          SHA1

          bbe400dd253ef347af4e33dda4c813e08ec6c8f8

          SHA256

          7256a691b8052a1dc27396b28d6742ebc9cf4194ae5f820fb67e8b86c4d92735

          SHA512

          138a8f014efde724ecb1b6a7bc8cd0ad59ffc88cec43ba575482c8de9339055f57eb73ee14633275e6710ab461577710f8c40cf898e2e2038919cefa067fc0d0

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\_MEI3842\unicodedata.pyd
          Filesize

          1.0MB

          MD5

          94d7826c152c26ffeeeb6fa2ffd43566

          SHA1

          fcd70b4df1a297412cee08960212c7ba844a05c5

          SHA256

          0ce881904f6a16919d4c4aab1dbf13c0c5491fcb592f71836cecb5b3b5099bba

          SHA512

          d6c759495f2b8701b92e95d557aedf0a9079860536b3f54d54826ed8dfd6f4e84fb96ce39e6eb2a771ce85632dd09e63e760031f81617a07d3bb30e9ccf09dba

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\_MEI3842\yes.exe.manifest
          Filesize

          1KB

          MD5

          47e8a6255bbce99cf8450ba97bb281ad

          SHA1

          93ba78b8b26313d972c3e4032556598a87826045

          SHA256

          971af335fe175af301dc5744a8489c2a9a74256c1fe51e8cdf1d66b366d2c23d

          SHA512

          84dd066ccf837dd6f0e283fa8a01f1c98602446d9f43134eea811e7b792c6f483e53b9864d176a3ac61416c6018839e018a41b1bce10a0b2b1f88124bbe557b9

          Download Submit