General

  • Target

    yu.exe

  • Size

    4.0MB

  • Sample

    220831-jk812abafj

  • MD5

    da70d0aab8cad0887e5e9b5174c9d87d

  • SHA1

    af5096c0b9fd4f4926850c4479c8e0e0eac8c91b

  • SHA256

    6617c1ab08b88711538b600fc4c5cf76098088b436185f5590cdb0e1fc1f6b13

  • SHA512

    c100a08bccfa00dcf93160b6174940db1b6839aafbbaec8caa25c4c0e004c96aebf243552df85b7dff56915401bfcb0ecb9caa9bce2edf0d29a9b52c849ebcc5

  • SSDEEP

    98304:SsFwGLi2ftBJTM3YQl25QrsIFuzsfuzCCsAp0a9Hqt:SeL7tBJSYChrZHfeCCz7

Malware Config

Targets

    • Target

      yu.exe

    • Size

      4.0MB

    • MD5

      da70d0aab8cad0887e5e9b5174c9d87d

    • SHA1

      af5096c0b9fd4f4926850c4479c8e0e0eac8c91b

    • SHA256

      6617c1ab08b88711538b600fc4c5cf76098088b436185f5590cdb0e1fc1f6b13

    • SHA512

      c100a08bccfa00dcf93160b6174940db1b6839aafbbaec8caa25c4c0e004c96aebf243552df85b7dff56915401bfcb0ecb9caa9bce2edf0d29a9b52c849ebcc5

    • SSDEEP

      98304:SsFwGLi2ftBJTM3YQl25QrsIFuzsfuzCCsAp0a9Hqt:SeL7tBJSYChrZHfeCCz7

    • YTStealer

      YTStealer is a malware designed to steal YouTube authentication cookies.

    • YTStealer payload

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Deletes itself

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

MITRE ATT&CK Enterprise v6

Tasks