General

  • Target

    c3681da8cdbba19041d36bb0fbec162ddaae98a2ba9fe2b29d252e26f64a4ec8

  • Size

    4.0MB

  • Sample

    220802-f11stacfbq

  • MD5

    27167814efa448fec2bbcf35991f5eca

  • SHA1

    85a1aae8faa4fbd0985fa357586b3c5bc4f4e3ab

  • SHA256

    c3681da8cdbba19041d36bb0fbec162ddaae98a2ba9fe2b29d252e26f64a4ec8

  • SHA512

    3832c84b76db5404fb67b5d2c90c59a012dff4631bf9fa276879d11f65ecd14ed0b1b00af6d01eb3854279a874aca5e2d763ff6d316505e67276adc92232a85b

Malware Config

Targets

    • Target

      c3681da8cdbba19041d36bb0fbec162ddaae98a2ba9fe2b29d252e26f64a4ec8


    • YTStealer

      YTStealer is malware designed to steal YouTube authentication cookies, which let an attacker take over the victim's channel without knowing the password.

    • YTStealer payload

    • UPX packed file

      Detects executables packed with the open-source UPX packer or a modified build of it. Packing hides the real code from static analysis; the sample must be unpacked (or run in a sandbox) before its strings and imports mean anything.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, cookies and session tokens.
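To turn the hashes and the UPX signature above into a check you can run locally, here is an added triage script (not part of the sandbox report, and not YTStealer's own code). It computes MD5/SHA1/SHA256/SHA512 of a file, compares them with the report's IOCs, and walks the PE section table looking for UPX's characteristic section names and the "UPX!" marker. The minimal PE builder is a constructed stand-in for real input: it produces just enough header bytes for the parser to walk and is not a working executable. The function names and the section-name list are assumptions of this example, not taken from the report.

```python
import hashlib
import struct
from typing import Dict, List

# Indicators copied from the sandbox report above (the only real data here).
REPORT_HASHES = {
    "md5": "27167814efa448fec2bbcf35991f5eca",
    "sha1": "85a1aae8faa4fbd0985fa357586b3c5bc4f4e3ab",
    "sha256": "c3681da8cdbba19041d36bb0fbec162ddaae98a2ba9fe2b29d252e26f64a4ec8",
    "sha512": "3832c84b76db5404fb67b5d2c90c59a012dff4631bf9fa276879d11f65ecd14e"
              "d0b1b00af6d01eb3854279a874aca5e2d763ff6d316505e67276adc92232a85b",
}

# Section names the stock UPX packer writes; a modified UPX may rename them (assumption).
UPX_SECTION_NAMES = {"UPX0", "UPX1", "UPX2"}
UPX_MARKER = b"UPX!"


def hash_file_bytes(data: bytes) -> Dict[str, str]:
    """Digest the whole file with every algorithm the report lists."""
    return {name: hashlib.new(name, data).hexdigest() for name in REPORT_HASHES}


def matches_report(data: bytes) -> Dict[str, bool]:
    """Per-algorithm match against the report's IOCs (all True for the real sample)."""
    digests = hash_file_bytes(data)
    return {name: digests[name] == REPORT_HASHES[name] for name in REPORT_HASHES}


def pe_section_names(data: bytes) -> List[str]:
    """Walk DOS header -> PE signature -> COFF header -> section table and return names.

    Returns [] for anything that is not a PE file or is truncated before the table.
    """
    if len(data) < 0x40 or data[:2] != b"MZ":
        return []
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        return []
    coff = e_lfanew + 4                                # IMAGE_FILE_HEADER starts here
    num_sections = struct.unpack_from("<H", data, coff + 2)[0]
    size_opt = struct.unpack_from("<H", data, coff + 16)[0]
    table = coff + 20 + size_opt                       # section table follows the optional header
    names = []
    for i in range(num_sections):
        off = table + i * 40                           # IMAGE_SECTION_HEADER is 40 bytes
        if off + 40 > len(data):
            break                                      # truncated table: stop, don't crash
        names.append(data[off:off + 8].rstrip(b"\0").decode("ascii", "replace"))
    return names


def looks_upx_packed(data: bytes) -> bool:
    """UPX heuristic: stock section names or the 'UPX!' header marker.

    Both are trivially patched out by a modified UPX, so False is not proof of
    'not packed'; a sandbox signature would add entropy and unpacker-stub checks.
    """
    names = pe_section_names(data)
    return any(n in UPX_SECTION_NAMES for n in names) or UPX_MARKER in data


def build_minimal_pe(section_names: List[str], body: bytes = b"") -> bytes:
    """Constructed test input: headers only, not a runnable executable."""
    e_lfanew = 0x40
    dos = b"MZ" + b"\0" * (0x3C - 2) + struct.pack("<I", e_lfanew)
    # Machine, NumberOfSections, TimeDateStamp, PointerToSymbolTable,
    # NumberOfSymbols, SizeOfOptionalHeader (0: none), Characteristics
    coff = struct.pack("<HHIIIHH", 0x14C, len(section_names), 0, 0, 0, 0, 0x0102)
    sections = b"".join(n.encode().ljust(8, b"\0") + b"\0" * 32 for n in section_names)
    return dos + b"PE\0\0" + coff + sections + body


if __name__ == "__main__":
    import sys
    sample = open(sys.argv[1], "rb").read() if len(sys.argv) > 1 else \
        build_minimal_pe(["UPX0", "UPX1", ".rsrc"], b"constructed payload")
    for algo, digest in hash_file_bytes(sample).items():
        print(f"{algo:6} {digest}  report match: {matches_report(sample)[algo]}")
    print("sections:", pe_section_names(sample))
    print("UPX packed (heuristic):", looks_upx_packed(sample))
```

Run it with the path to a suspect file as the only argument; with no argument it analyses the constructed stand-in. A full match on all four digests is the same file the sandbox analysed; a mismatch with the same filename is a different build, which is common for stealers sold as a service and repacked per customer.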

MITRE ATT&CK Enterprise v6

Tasks