General

  • Target

    123.exe

  • Size

    4.0MB

  • Sample

    220831-kexw9abehj

  • MD5

    54d16b2bd83331c4512e3392271ac098

  • SHA1

    313327e368810eae000d565f642a33ae3fc47fef

  • SHA256

    cecc58f7e5b69e0b2159f68ca5ee38f36b59a0adbe36f8a93e791f8788488fb5

  • SHA512

    9a613dd5e73d001e7a5fc71433619c6ffe7f1208b4930652e8a3c5e34330e7c7baf588a1386126d4a131041ad6162dfb390a3174f3cf511eaada1d00b4c314b3

  • SSDEEP

    98304:aMXrxoP12YqQvOY3bpQQThqO04uQtXrLG+O/ee1:ayxoPgKvdlZ2utXrS+i

Malware Config

Targets

    • Target

      123.exe

    • Size

      4.0MB

    • MD5

      54d16b2bd83331c4512e3392271ac098

    • SHA1

      313327e368810eae000d565f642a33ae3fc47fef

    • SHA256

      cecc58f7e5b69e0b2159f68ca5ee38f36b59a0adbe36f8a93e791f8788488fb5

    • SHA512

      9a613dd5e73d001e7a5fc71433619c6ffe7f1208b4930652e8a3c5e34330e7c7baf588a1386126d4a131041ad6162dfb390a3174f3cf511eaada1d00b4c314b3

    • SSDEEP

      98304:aMXrxoP12YqQvOY3bpQQThqO04uQtXrLG+O/ee1:ayxoPgKvdlZ2utXrS+i

    • YTStealer

      YTStealer is a malware designed to steal YouTube authentication cookies.

    • YTStealer payload

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

MITRE ATT&CK Enterprise v6

Tasks