ytstealer | 6617c1ab08b88711538b600fc4c5cf76098088b436185f5590cdb0e1fc1f6b13 | Triage

Submit
Reports

Overview

overview

Static

static

8

yu.exe

windows7-x64

yu.exe

windows10-2004-x64

Sharing

General

Target

yu.exe
Size

4.0MB
Sample

220831-jk812abafj
MD5

da70d0aab8cad0887e5e9b5174c9d87d
SHA1

af5096c0b9fd4f4926850c4479c8e0e0eac8c91b
SHA256

6617c1ab08b88711538b600fc4c5cf76098088b436185f5590cdb0e1fc1f6b13
SHA512

c100a08bccfa00dcf93160b6174940db1b6839aafbbaec8caa25c4c0e004c96aebf243552df85b7dff56915401bfcb0ecb9caa9bce2edf0d29a9b52c849ebcc5
SSDEEP

98304:SsFwGLi2ftBJTM3YQl25QrsIFuzsfuzCCsAp0a9Hqt:SeL7tBJSYChrZHfeCCz7

Score

10^/10

ytstealer spyware stealer upx

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

yu.exe

Resource

win7-20220812-en

ytstealer spyware stealer upx

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

yu.exe

Resource

win10v2004-20220812-en

ytstealer spyware stealer upx

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Targets

- Target
  
  yu.exe
- Size
  
  4.0MB
- MD5
  
  da70d0aab8cad0887e5e9b5174c9d87d
- SHA1
  
  af5096c0b9fd4f4926850c4479c8e0e0eac8c91b
- SHA256
  
  6617c1ab08b88711538b600fc4c5cf76098088b436185f5590cdb0e1fc1f6b13
- SHA512
  
  c100a08bccfa00dcf93160b6174940db1b6839aafbbaec8caa25c4c0e004c96aebf243552df85b7dff56915401bfcb0ecb9caa9bce2edf0d29a9b52c849ebcc5
- SSDEEP
  
  98304:SsFwGLi2ftBJTM3YQl25QrsIFuzsfuzCCsAp0a9Hqt:SeL7tBJSYChrZHfeCCz7
Score

10^/10

ytstealer spyware stealer upx
- YTStealer
  YTStealer is a malware designed to steal YouTube authentication cookies.
  stealer ytstealer
- YTStealer payload
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Deletes itself
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

ytstealerspywarestealerupx

behavioral2

ytstealerspywarestealerupx

© 2018-2024

Terms | Privacy