ytstealer | 4bcb1a4dcb978ce7307748278a3afadc1414b9d4f922b7e7d495d3b7026a7097 | Triage

Submit
Reports

Overview

overview

Static

static

8

winprofile

windows7-x64

winprofile

windows10-1703-x64

Sharing

General

Target

4bcb1a4dcb978ce7307748278a3afadc1414b9d4f922b7e7d495d3b7026a7097
Size

4.0MB
Sample

220915-d12n1afefn
MD5

ce3bedcfe76cce58d4bcd71a0e477858
SHA1

c2c710d704548048a9010673437aa5f49ae69013
SHA256

4bcb1a4dcb978ce7307748278a3afadc1414b9d4f922b7e7d495d3b7026a7097
SHA512

cd9fa8b3678fd618f412705b07ada41ac8e1a72393e5214b12679b808a2f8e30b869bb16b7d8973f0708d9b10a68c51a7a27c1dbd117b163644b489908a7e90a
SSDEEP

98304:aC+I31cuwmhMATP/3PypwvMF4saKW1tBMNaIMW7hfoN0ZrYSUmF79H:aulEeTnqWvMF3aT1tBMsIMTN0Z3UmF

Score

10^/10

ytstealer spyware stealer upx

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

4bcb1a4dcb978ce7307748278a3afadc1414b9d4f922b7e7d495d3b7026a7097.exe

Resource

win7-20220812-en

ytstealer spyware stealer upx

windows7-x64

7 signatures

300 seconds

Behavioral task

behavioral2

Sample

4bcb1a4dcb978ce7307748278a3afadc1414b9d4f922b7e7d495d3b7026a7097.exe

Resource

win10-20220812-en

ytstealer spyware stealer upx

windows10-1703-x64

6 signatures

300 seconds

Malware Config

Targets

- Target
  
  4bcb1a4dcb978ce7307748278a3afadc1414b9d4f922b7e7d495d3b7026a7097
- Size
  
  4.0MB
- MD5
  
  ce3bedcfe76cce58d4bcd71a0e477858
- SHA1
  
  c2c710d704548048a9010673437aa5f49ae69013
- SHA256
  
  4bcb1a4dcb978ce7307748278a3afadc1414b9d4f922b7e7d495d3b7026a7097
- SHA512
  
  cd9fa8b3678fd618f412705b07ada41ac8e1a72393e5214b12679b808a2f8e30b869bb16b7d8973f0708d9b10a68c51a7a27c1dbd117b163644b489908a7e90a
- SSDEEP
  
  98304:aC+I31cuwmhMATP/3PypwvMF4saKW1tBMNaIMW7hfoN0ZrYSUmF79H:aulEeTnqWvMF3aT1tBMsIMTN0Z3UmF
Score

10^/10

ytstealer spyware stealer upx
- YTStealer
  YTStealer is a malware designed to steal YouTube authentication cookies.
  stealer ytstealer
- YTStealer payload
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Deletes itself
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

ytstealerspywarestealerupx

behavioral2

ytstealerspywarestealerupx

© 2018-2024

Terms | Privacy