Overview

overview

10

Static

static

8

winprofile

windows7-x64

10

winprofile

windows10-1703-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    D8EF7CD835E91B48C79E4399D3C0F62BFF81F89B9214A21B389338589A88144A

  • Size

    4.0MB

  • Sample

    220727-hcx35abbfj

  • MD5

    e0e07a35ff1497561b199c9e7545525b

  • SHA1

    c34279d7d225ec347ae6c2393bd529825688b39d

  • SHA256

    d8ef7cd835e91b48c79e4399d3c0f62bff81f89b9214a21b389338589a88144a

  • SHA512

    51ece1be7136d7add05f4e069932153f2b472903375ca2827ab6e6cca64e68215d46f7ffea8db2c0d63efdac887192d0fd972ba096a387824e3f9bfff5c0a6b9

Score
10/10
ytstealerspywarestealerupx

Malware Config

Targets

    • Target

      D8EF7CD835E91B48C79E4399D3C0F62BFF81F89B9214A21B389338589A88144A

    • Size

      4.0MB

    • MD5

      e0e07a35ff1497561b199c9e7545525b

    • SHA1

      c34279d7d225ec347ae6c2393bd529825688b39d

    • SHA256

      d8ef7cd835e91b48c79e4399d3c0f62bff81f89b9214a21b389338589a88144a

    • SHA512

      51ece1be7136d7add05f4e069932153f2b472903375ca2827ab6e6cca64e68215d46f7ffea8db2c0d63efdac887192d0fd972ba096a387824e3f9bfff5c0a6b9

    Score
    10/10
    ytstealerspywarestealerupx

    • YTStealer

      YTStealer is a malware designed to steal YouTube authentication cookies.

      stealerytstealer

    • YTStealer payload

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Deletes itself

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer
    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks