win.ytstealer (Back to overview)


According to Intezer, YTStealer is a malware whose objective is to steal YouTube authentication cookies. As a stealer, it operates like many other stealers. The first thing it does when it’s executed is to perform some environment checks. This is to detect if the malware is being analyzed in a sandbox.

2022-09-15SekoiaThreat & Detection Research Team
PrivateLoader: the loader of the prevalent ruzki PPI service
Agent Tesla Coinminer DanaBot DCRat Eternity Stealer Glupteba Mars Stealer NetSupportManager RAT Nymaim Nymaim2 Phoenix Keylogger PrivateLoader Raccoon RedLine Stealer SmokeLoader Socelars STOP Vidar YTStealer
2022-06-29IntezerJoakim Kennedy
YTStealer Malware: “YouTube Cookies! Om Nom Nom Nom”

There is no Yara-Signature yet.