General

  • Target

    a3399562b281d5dd39a742eebe7a9de6ae46360f6226c4e005f31e1d73c5f7e3

  • Size

    4.0MB

  • Sample

    220801-jjtvqafbhq

  • MD5

    c24ba1762d2da4b568a2e26f22f9c64f

  • SHA1

    80109682d40260506b1c1b27aa0552c37c8b048c

  • SHA256

    a3399562b281d5dd39a742eebe7a9de6ae46360f6226c4e005f31e1d73c5f7e3

  • SHA512

    7dd08ee1a655cc7dc2f4090a99f572b2e5d733e5533fbfa372ad2b26a16df80165d53b403e03520551fdf6ef3884ab261e02a4e6e56799dac57d9c19c2cdb6fc

Malware Config

Targets

    • Target

      a3399562b281d5dd39a742eebe7a9de6ae46360f6226c4e005f31e1d73c5f7e3

    • Size

      4.0MB

    • MD5

      c24ba1762d2da4b568a2e26f22f9c64f

    • SHA1

      80109682d40260506b1c1b27aa0552c37c8b048c

    • SHA256

      a3399562b281d5dd39a742eebe7a9de6ae46360f6226c4e005f31e1d73c5f7e3

    • SHA512

      7dd08ee1a655cc7dc2f4090a99f572b2e5d733e5533fbfa372ad2b26a16df80165d53b403e03520551fdf6ef3884ab261e02a4e6e56799dac57d9c19c2cdb6fc

    • YTStealer

      YTStealer is a malware designed to steal YouTube authentication cookies.

    • YTStealer payload

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

MITRE ATT&CK Enterprise v6

Tasks