General

  • Target

    b22daf5bfcbdcd0032f07a012e34ee6eb102203963b2f488dd1cf9d14b60550f

  • Size

    4.0MB

  • Sample

    220831-gfxq4ahgan

  • MD5

    16ff8074ba61c2a46cdb6c72c2c6057d

  • SHA1

    5e7c56085209a3190a2a831fffefdeef192a6b25

  • SHA256

    b22daf5bfcbdcd0032f07a012e34ee6eb102203963b2f488dd1cf9d14b60550f

  • SHA512

    674c22cee088d96d42d43aa7cbd7988c01318a211185be6767e43c50dbdf5e7f0dd9e65be123127744015e17c34415feef727a08f237e350ccd04068ce28ddce

  • SSDEEP

    98304:6frhftGYPM0XYf+XVmWMscdmJ6DVAlyW7:6fZ3PMdf88dscd3Vhe

Malware Config

Targets

    • Target

      b22daf5bfcbdcd0032f07a012e34ee6eb102203963b2f488dd1cf9d14b60550f

    • Size

      4.0MB

    • MD5

      16ff8074ba61c2a46cdb6c72c2c6057d

    • SHA1

      5e7c56085209a3190a2a831fffefdeef192a6b25

    • SHA256

      b22daf5bfcbdcd0032f07a012e34ee6eb102203963b2f488dd1cf9d14b60550f

    • SHA512

      674c22cee088d96d42d43aa7cbd7988c01318a211185be6767e43c50dbdf5e7f0dd9e65be123127744015e17c34415feef727a08f237e350ccd04068ce28ddce

    • SSDEEP

      98304:6frhftGYPM0XYf+XVmWMscdmJ6DVAlyW7:6fZ3PMdf88dscd3Vhe

    • YTStealer

      YTStealer is a malware designed to steal YouTube authentication cookies.

    • YTStealer payload

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

MITRE ATT&CK Enterprise v6

Tasks