Analysis
-
max time kernel
51s -
max time network
179s -
platform
windows10-1703_x64 -
resource
win10-20220812-en -
resource tags
-
submitted
25/08/2022, 03:35
General
-
Target
9c599e95dbcedb3e4583f8ab321b97f1afe468b9104bf981c82b825e08770c57.exe
-
Size
4.0MB
-
MD5
5e0c84f67f0e7050515cb78056c6f813
-
SHA1
f48e3fe96f438dda3fe66f091ffac71da85baa2f
-
SHA256
9c599e95dbcedb3e4583f8ab321b97f1afe468b9104bf981c82b825e08770c57
-
SHA512
3a7079ca83140af2d9da034b0b14c0df707727100aa9cd9840fff39cf63c66776c3f4a6c8bd55a4e0324e80470b63a025b72b83b0cd236d5d7d8ffade45e238b
-
SSDEEP
49152:sfy2P2DaVPl0fAPIlXX+mLFjRCStbKPI9lIxa5m9bPoUOobnWqX1QORP0liB:sPGEltqRL9tbe45IroUOodM
Score
10/10
Malware Config
Signatures
-
YTStealer
YTStealer is a malware designed to steal YouTube authentication cookies.
-
YTStealer payload 2 IoCs
-
UPX packed file 3 IoCs
Detects executables packed with UPX/modified UPX open source packer.
-
Reads user/profile data of web browsers 2 TTPs
Infostealers often target stored browser data, which can include saved credentials etc.
Processes
-
C:\Users\Admin\AppData\Local\Temp\9c599e95dbcedb3e4583f8ab321b97f1afe468b9104bf981c82b825e08770c57.exe"C:\Users\Admin\AppData\Local\Temp\9c599e95dbcedb3e4583f8ab321b97f1afe468b9104bf981c82b825e08770c57.exe"1⤵
Network
MITRE ATT&CK Enterprise v6
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
14.1MB
-
Filesize
14.1MB
-
Filesize
14.1MB