General

  • Target

    21c2f78a2ba5891c4dbdc1b50283844c7720ecd3f1187fb9269015524cad2da2

  • Size

    4.0MB

  • Sample

    220802-17mvraccb8

  • MD5

    b09ec6718a34a70a182f3412b89f6777

  • SHA1

    e730645db18339897aeddb4f21ce662911e03444

  • SHA256

    21c2f78a2ba5891c4dbdc1b50283844c7720ecd3f1187fb9269015524cad2da2

  • SHA512

    5d0f9eb9fcfe8a5d6c42db552d35411116ec0b405e747537a75fd50fb6e9f1d1fc1bf95c169c5ef7c2d217b7cc5d647a6ed36f130e0382a71f919c5e09ec7881

Malware Config

Targets

    • YTStealer

      YTStealer is malware designed to steal YouTube authentication cookies.

    • YTStealer payload

    • UPX packed file

      Detects executables packed with the open-source UPX packer or a modified variant of it.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other profile contents.

MITRE ATT&CK Enterprise v6

Tasks