ytstealer | 7cc57f2d5d9d90e394221d3cd6c7e93efbf959696465dc491bbcc5644668b10f | Triage

Analysis

max time kernel
177s
max time network
185s
platform
windows10-2004_x64
resource
win10v2004-20220721-en
resource tags

arch:x64arch:x86image:win10v2004-20220721-enlocale:en-usos:windows10-2004-x64system
submitted
01-08-2022 15:07

Sharing

Report Analysis Logs

General

Target

779d2613a2de90c7a385300e1667f63196af0bea.exe
Size

14.1MB
MD5

6f249119c8be8db6aa938cd22171f497
SHA1

779d2613a2de90c7a385300e1667f63196af0bea
SHA256

d4fe59e3da719ae845c192e495ac3127b702c165cff923adabff67406bcd46eb
SHA512

c7e41f69ca4341156af1c30d473a13f93f69066532619c894940d7b9845c695cb5356fbd3a27af2aad61c4ccc44a8b189bdb348db399018bb6e78580d583e957

Score

10^/10

ytstealer stealer upx

Malware Config

Signatures

YTStealer
YTStealer is a malware designed to steal YouTube authentication cookies.
stealer ytstealer

YTStealer payload 1 IoCs

Processes:

resource	yara_rule
behavioral2/memory/5096-130-0x0000000000020000-0x0000000000E37000-memory.dmp	family_ytstealer

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

Processes:

resource	yara_rule
behavioral2/memory/5096-130-0x0000000000020000-0x0000000000E37000-memory.dmp	upx

C:\Users\Admin\AppData\Local\Temp\779d2613a2de90c7a385300e1667f63196af0bea.exe
"C:\Users\Admin\AppData\Local\Temp\779d2613a2de90c7a385300e1667f63196af0bea.exe"
1⤵
PID:5096

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/5096-130-0x0000000000020000-0x0000000000E37000-memory.dmp

Filesize
14.1MB

Download