Overview

overview

10

Static

static

1

URLScan

urlscan

https://www.youtube....

windows11-21h2-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    https://www.youtube.com/redirect?event=video_description&redir_token=QUFFLUhqbXNVRVVRWHFNT3p3N2owUXc0RXBDN3Z4Y25JUXxBQ3Jtc0ttRFBEakRFMHJ4YlY1SllkMTI2Qmx5V2xQN3pseUN6eUcyZzZyb3dHejNpZThUTm9nLUJQakZFWVFQQTBjcGI0d2RnQ2NEallKUm5qU1YyMzdOdUFDcUpzVmw5ZXpTYS1jZXN2MTc0WFdjR0xjVU5Qbw&q=https%3A%2F%2Fwww.mediafire.com%2Ffolder%2Fv29nva4zio2as%2FGMS&v=8z0_rh3V1u8

  • Sample

    240206-r3zt3sbbgm

Score
10/10
povertystealerredlineinfostealerstealer

Malware Config

Extracted

Family

redline

C2

45.15.156.142:33597

Targets

    • Target

      https://www.youtube.com/redirect?event=video_description&redir_token=QUFFLUhqbXNVRVVRWHFNT3p3N2owUXc0RXBDN3Z4Y25JUXxBQ3Jtc0ttRFBEakRFMHJ4YlY1SllkMTI2Qmx5V2xQN3pseUN6eUcyZzZyb3dHejNpZThUTm9nLUJQakZFWVFQQTBjcGI0d2RnQ2NEallKUm5qU1YyMzdOdUFDcUpzVmw5ZXpTYS1jZXN2MTc0WFdjR0xjVU5Qbw&q=https%3A%2F%2Fwww.mediafire.com%2Ffolder%2Fv29nva4zio2as%2FGMS&v=8z0_rh3V1u8

    Score
    10/10
    povertystealerredlineinfostealerstealer

    • Detect Poverty Stealer Payload

    • Poverty Stealer

      Poverty Stealer is a crypto and infostealer written in C++.

      stealerpovertystealer

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

      infostealerredline

    • RedLine payload

    • Executes dropped EXE

    • Suspicious use of SetThreadContext

    behavioral1

MITRE ATT&CK Enterprise v15

Tasks