ytstealer | 29f9205c7063e4206620ec4b0477ad552f13ed4bf09f8eb4ee5297105d78eecf | Triage

Submit
Reports

Overview

overview

Static

static

8

winprofile

windows7-x64

winprofile

windows10-1703-x64

Sharing

General

Target

29f9205c7063e4206620ec4b0477ad552f13ed4bf09f8eb4ee5297105d78eecf
Size

4.0MB
Sample

220830-bwgrxsaha9
MD5

431ece593025bf4be297ace05f048d11
SHA1

35d89fc6d5f2b2cb413dc0a08ed52859914c2b49
SHA256

29f9205c7063e4206620ec4b0477ad552f13ed4bf09f8eb4ee5297105d78eecf
SHA512

e4c990fa82d51a7f3795cf9d9244805825c4a8c506bf2f2200bae695883cc7827e0102bc1d46b9d61087ecc5c63b4a406fbf52452fe8ef483459dcbb5fcc9a4c
SSDEEP

98304:cJCLs7i0yGKw6DEQbVmI4mbLW9ZhAf0JwTnu5X7nTxZ:cAR0yGX63PV0hnwTnut7Tx

Score

10^/10

ytstealer spyware stealer upx

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

29f9205c7063e4206620ec4b0477ad552f13ed4bf09f8eb4ee5297105d78eecf.exe

Resource

win7-20220812-en

ytstealer spyware stealer upx

windows7-x64

7 signatures

300 seconds

Behavioral task

behavioral2

Sample

29f9205c7063e4206620ec4b0477ad552f13ed4bf09f8eb4ee5297105d78eecf.exe

Resource

win10-20220812-en

ytstealer spyware stealer upx

windows10-1703-x64

6 signatures

300 seconds

Malware Config

Targets

- Target
  
  29f9205c7063e4206620ec4b0477ad552f13ed4bf09f8eb4ee5297105d78eecf
- Size
  
  4.0MB
- MD5
  
  431ece593025bf4be297ace05f048d11
- SHA1
  
  35d89fc6d5f2b2cb413dc0a08ed52859914c2b49
- SHA256
  
  29f9205c7063e4206620ec4b0477ad552f13ed4bf09f8eb4ee5297105d78eecf
- SHA512
  
  e4c990fa82d51a7f3795cf9d9244805825c4a8c506bf2f2200bae695883cc7827e0102bc1d46b9d61087ecc5c63b4a406fbf52452fe8ef483459dcbb5fcc9a4c
- SSDEEP
  
  98304:cJCLs7i0yGKw6DEQbVmI4mbLW9ZhAf0JwTnu5X7nTxZ:cAR0yGX63PV0hnwTnut7Tx
Score

10^/10

ytstealer spyware stealer upx
- YTStealer
  YTStealer is a malware designed to steal YouTube authentication cookies.
  stealer ytstealer
- YTStealer payload
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Deletes itself
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

ytstealerspywarestealerupx

behavioral2

ytstealerspywarestealerupx

© 2018-2024

Terms | Privacy