General

  • Target: 1A263542A734201D2FC6AD31EB5BE874E357CD59CA2BF48DA0610857CEB7C2AF
  • Size: 4.0MB
  • Sample: 220812-hpw2lahhgq
  • MD5: 977c1094dce77ceecd310080f7fafba7
  • SHA1: f8be16c0e9748ff8b7f6688107ea16a5de216351
  • SHA256: 1a263542a734201d2fc6ad31eb5be874e357cd59ca2bf48da0610857ceb7c2af
  • SHA512: 0ed104581ac7ad37188c611431c23bcb6f095d14a548686b0b8f97ff8301e667345d3d94acdc66b0244e0c2f1a6a29f03348548e6da5371d755505c63d57e2bd

Malware Config

Targets

    • Target: 1A263542A734201D2FC6AD31EB5BE874E357CD59CA2BF48DA0610857CEB7C2AF

    • YTStealer: YTStealer is malware designed to steal YouTube authentication cookies.
    • YTStealer payload
    • UPX packed file: Detects executables packed with the UPX open-source packer or a modified variant of it.
    • Reads user/profile data of web browsers: Infostealers often target stored browser data, which can include saved credentials and similar sensitive information.

MITRE ATT&CK Enterprise v6

Tasks