Overview

overview

10

Static

static

8

winprofile

windows7-x64

10

winprofile

windows10-1703-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    C0F8296C3117EBD81FC8E23E46DD515DE17758B80A8D2BF0F3AA0CD7DC29DA8A

  • Size

    4.0MB

  • Sample

    220720-jzytlsdhgj

  • MD5

    1abd245ccbf9c8862a43503b76ca4f84

  • SHA1

    724ec77b362d050b3461abf79b1ad0c026453d2c

  • SHA256

    c0f8296c3117ebd81fc8e23e46dd515de17758b80a8d2bf0f3aa0cd7dc29da8a

  • SHA512

    13f6daa23842dda9209fc3022fa6e7a7e878b67e26c305999279d80d0abfe31db0af76a529b04eeffc19564827f561880a60b4b808c9b4da843c3c5da00300f6

Score
10/10
ytstealerspywarestealerupx

Malware Config

Targets

    • Target

      C0F8296C3117EBD81FC8E23E46DD515DE17758B80A8D2BF0F3AA0CD7DC29DA8A

    • Size

      4.0MB

    • MD5

      1abd245ccbf9c8862a43503b76ca4f84

    • SHA1

      724ec77b362d050b3461abf79b1ad0c026453d2c

    • SHA256

      c0f8296c3117ebd81fc8e23e46dd515de17758b80a8d2bf0f3aa0cd7dc29da8a

    • SHA512

      13f6daa23842dda9209fc3022fa6e7a7e878b67e26c305999279d80d0abfe31db0af76a529b04eeffc19564827f561880a60b4b808c9b4da843c3c5da00300f6

    Score
    10/10
    ytstealerspywarestealerupx

    • YTStealer

      YTStealer is a malware designed to steal YouTube authentication cookies.

      stealerytstealer

    • YTStealer payload

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Deletes itself

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer
    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks