General

  • Target

    SecuriteInfo.com.Trojan.GenericKD.61228389.22202.18148.exe

  • Size

    4.0MB

  • Sample

    220831-qxdh8afabn

  • MD5

    f1fcfddfc287bac854ad33726c342a11

  • SHA1

    1a16e99f426bf6804dbd1b210fe638c4fbccfbe4

  • SHA256

    ec48e4f7a92017942ae73a4636cf0d443edf43e8e6e8668607f9f9d8ad54143e

  • SHA512

    2a0aa0754175374133f6168afec5db96b87b34cd4058acb9515803cb70faa95095dff65c9404fc871bd68fbc56cfb6a888c163e080a3d0f7f2372f6cd5740218

  • SSDEEP

    98304:eyKTPUjhpasOsGeFdoXN92lxptjX3cihtcF:eyqPUHTOgFCXG7p9Bhtc

Malware Config

Targets

    • Target

      SecuriteInfo.com.Trojan.GenericKD.61228389.22202.18148.exe

    • Size

      4.0MB

    • MD5

      f1fcfddfc287bac854ad33726c342a11

    • SHA1

      1a16e99f426bf6804dbd1b210fe638c4fbccfbe4

    • SHA256

      ec48e4f7a92017942ae73a4636cf0d443edf43e8e6e8668607f9f9d8ad54143e

    • SHA512

      2a0aa0754175374133f6168afec5db96b87b34cd4058acb9515803cb70faa95095dff65c9404fc871bd68fbc56cfb6a888c163e080a3d0f7f2372f6cd5740218

    • SSDEEP

      98304:eyKTPUjhpasOsGeFdoXN92lxptjX3cihtcF:eyqPUHTOgFCXG7p9Bhtc

    • YTStealer

      YTStealer is a malware designed to steal YouTube authentication cookies.

    • YTStealer payload

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

MITRE ATT&CK Enterprise v6

Tasks