Analysis
-
max time kernel
143s -
max time network
179s -
platform
windows10-1703_x64 -
resource
win10-20220812-en -
resource tags
-
submitted
30-08-2022 01:48
General
-
Target
54ab7ebc82f14ad65fc83533d98709fb209ece783b63c53d8f95518936424b4c.exe
-
Size
4.0MB
-
MD5
a7aa0bd3162bcef17b768bc35f460090
-
SHA1
287f75be4f9cdac70efe7130023a68475de4091b
-
SHA256
54ab7ebc82f14ad65fc83533d98709fb209ece783b63c53d8f95518936424b4c
-
SHA512
ac73fc39dffea633639b07647cc9e62ecd85644f5eb3d981283b1d1334b7c7b4c9789b58de7c1a0705a2eb076ec733b99f03d3aa30769ad473f926de56381f1f
-
SSDEEP
98304:iQFrmQGZtNpE8+QarKW9WaMUOsC0vlRoStFtNjo3x24toZfDIBxyF:jFaQGZ/pRMKtF3sPni3x/iZ6w
Score
10/10
Malware Config
Signatures
-
YTStealer
YTStealer is a malware designed to steal YouTube authentication cookies.
-
YTStealer payload 3 IoCs
-
UPX packed file 3 IoCs
Detects executables packed with UPX/modified UPX open source packer.
-
Reads user/profile data of web browsers 2 TTPs
Infostealers often target stored browser data, which can include saved credentials etc.
Processes
-
C:\Users\Admin\AppData\Local\Temp\54ab7ebc82f14ad65fc83533d98709fb209ece783b63c53d8f95518936424b4c.exe"C:\Users\Admin\AppData\Local\Temp\54ab7ebc82f14ad65fc83533d98709fb209ece783b63c53d8f95518936424b4c.exe"1⤵
Network
MITRE ATT&CK Matrix ATT&CK v6
Replay Monitor
Loading Replay Monitor...
Downloads
-
memory/2736-115-0x0000000000220000-0x0000000001034000-memory.dmpFilesize
14.1MB
-
memory/2736-116-0x0000000000220000-0x0000000001034000-memory.dmpFilesize
14.1MB
-
memory/2736-117-0x0000000000220000-0x0000000001034000-memory.dmpFilesize
14.1MB