General

  • Target

    17b2b9fea9e177b9a6bc33a3d2979e704c3e4ebdd3aa164b324a7e682f91994d

  • Size

    4.0MB

  • Sample

    220915-dxmexafeej

  • MD5

    c1637f5ef73ebcb8cc14a2e3ca18d5b8

  • SHA1

    c031c68176ce10c6a37a898b315c9e140e5c9d55

  • SHA256

    17b2b9fea9e177b9a6bc33a3d2979e704c3e4ebdd3aa164b324a7e682f91994d

  • SHA512

    b3c523c1959e200154e1cbc164c42ae141012bb23897f80dd03bfa50729be757f0f051346454eca7b12b8c1d244267d3bc24948cda08d2830dd65844d65ffcbc

  • SSDEEP

    98304:n+QTI0+o+5jU+kbXyhGwzqd91b+H0c+NFB:NIG+BUt6qd9p+Hf+l

Malware Config

Targets

    • YTStealer

      YTStealer is malware designed to steal YouTube authentication cookies.

    • YTStealer payload

    • UPX packed file

      Detects executables packed with the UPX open-source packer or a modified variant of it.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and similar sensitive information.

MITRE ATT&CK Matrix ATT&CK v6

  • Credential Access: Credentials in Files (T1081), 1 signature

  • Collection: Data from Local System (T1005), 1 signature

Tasks