General

  • Target

    1830ec7d060e6abeede23f702ec28b03674ed940c495638044ecd03cf723082a

  • Size

    4.0MB

  • Sample

    220830-bq2vxahfhj

  • MD5

    c5612152c454e0965fc1dabfaa39f4b4

  • SHA1

    fc0413426684dfdbc16ed78f0cfcf37133b05b41

  • SHA256

    1830ec7d060e6abeede23f702ec28b03674ed940c495638044ecd03cf723082a

  • SHA512

    3b1e3f3ecce42d4dbb43bd1224ebc19cd19ef8e912ddebf0caff9ec2186e405de9636e7a83782c7eb3938bae0a585cf0c63e368bdc3f4d86752f4330f0541de5

  • SSDEEP

    98304:XA/rZBbmMHJ9d8gWVBTatzuLwABnWl7xkRzihrF9nIUHXtbP+Lb5:XIZBbmGed6z6wABWHkRzMJtyLb

Malware Config

Targets

    • Target

      1830ec7d060e6abeede23f702ec28b03674ed940c495638044ecd03cf723082a

    • Size

      4.0MB

    • MD5

      c5612152c454e0965fc1dabfaa39f4b4

    • SHA1

      fc0413426684dfdbc16ed78f0cfcf37133b05b41

    • SHA256

      1830ec7d060e6abeede23f702ec28b03674ed940c495638044ecd03cf723082a

    • SHA512

      3b1e3f3ecce42d4dbb43bd1224ebc19cd19ef8e912ddebf0caff9ec2186e405de9636e7a83782c7eb3938bae0a585cf0c63e368bdc3f4d86752f4330f0541de5

    • SSDEEP

      98304:XA/rZBbmMHJ9d8gWVBTatzuLwABnWl7xkRzihrF9nIUHXtbP+Lb5:XIZBbmGed6z6wABWHkRzMJtyLb

    • YTStealer

      YTStealer is a malware designed to steal YouTube authentication cookies.

    • YTStealer payload

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Deletes itself

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

MITRE ATT&CK Enterprise v6

Tasks