Overview

overview

10

Static

static

8

file.exe

windows7-x64

10

file.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    file

  • Size

    4.0MB

  • Sample

    220822-sy682ahgdl

  • MD5

    dde97d310422b2d40e939f386eff5fcf

  • SHA1

    388a76eb7baaec085d717dbb7c0f14cfa451018e

  • SHA256

    1117aa3d97baa3fcc4cd60f695fb47ccef86fde7b3ffe7a26e6fe9c33a8b9c41

  • SHA512

    5806632622ecff4f8ab054a1883585510322fc6108ea145efd1872d71521449aac468c1b1cc8bf079641da7e79a97382d42e9b791554c8cceef8e208cfa097c6

  • SSDEEP

    98304:Vvqq8Lf7vt1b74jc8+9eemmaP1r3AVMn:Aq67vMw8+9ZmLP1rQyn

Score
10/10
ytstealerspywarestealerupx

Malware Config

Targets

    • Target

      file

    • Size

      4.0MB

    • MD5

      dde97d310422b2d40e939f386eff5fcf

    • SHA1

      388a76eb7baaec085d717dbb7c0f14cfa451018e

    • SHA256

      1117aa3d97baa3fcc4cd60f695fb47ccef86fde7b3ffe7a26e6fe9c33a8b9c41

    • SHA512

      5806632622ecff4f8ab054a1883585510322fc6108ea145efd1872d71521449aac468c1b1cc8bf079641da7e79a97382d42e9b791554c8cceef8e208cfa097c6

    • SSDEEP

      98304:Vvqq8Lf7vt1b74jc8+9eemmaP1r3AVMn:Aq67vMw8+9ZmLP1rQyn

    Score
    10/10
    ytstealerstealerupxspyware

    • YTStealer

      YTStealer is a malware designed to steal YouTube authentication cookies.

      stealerytstealer

    • YTStealer payload

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

1
T1081

Discovery

Lateral Movement

Collection

Data from Local System

1
T1005

Exfiltration

Command and Control

Impact

Tasks