General

  • Target

    17c5263448340317950efd54887409a96c2c3a1cb7b194f8a3a68fe731ea1412

  • Size

    4.0MB

  • Sample

    220830-bqlhxshfgq

  • MD5

    f4380c545ddb6295430a099982c2d2a4

  • SHA1

    6eb0a6b7b0c26a1685c7fb2304ac2faff1b7f06a

  • SHA256

    17c5263448340317950efd54887409a96c2c3a1cb7b194f8a3a68fe731ea1412

  • SHA512

    6b7be37d0e6deaa03e04f2e714dbe05c5899552d314517448882479ddf9773293b37356e36a39b10a5c58f8b53a49e4882ae564c8bffe322b0cdd72dcbf894c6

  • SSDEEP

    98304:2sXqxuy4d3DSjdC1gkdTu5LfJZePM54qdSmLkJ8DnKuUCqjP:x6Li3DgQgkdTudKtmLlGDz

Malware Config

Targets

    • YTStealer

      YTStealer is malware designed to steal YouTube authentication cookies.

    • YTStealer payload

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Deletes itself

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive information.

MITRE ATT&CK Enterprise v6

Tasks