There's Something About CryptBot: Yet Another Silly Stealer

216.73.216.226

There's Something About CryptBot: Yet Another Silly Stealer

· Published 11/09/2024 08:02 · Modified 11/09/2024 08:23

Essential information

Published: 11/09/2024 08:02
Modified: 11/09/2024 08:23
Tags: 2024-09-11 cryptbot downloader exfiltration infostealer malware mustardsandwich netsupport stealer yass
Related entities: 13 observables, 18 techniques (mitre), 4 malware

Description

This report provides an in-depth technical analysis of a new variant of the CryptBot infostealer, dubbed Yet Another Silly Stealer (YASS). It details the delivery chain, involving the MustardSandwich downloader, and dissects the YASS payload's functionalities, including its data gathering, encryption, and exfiltration mechanisms. The report also highlights similarities and differences between YASS and its predecessor, CryptBot, offering insights into the evolution of this malware family.

External references

https://intezer.com/blog/research/cryptbot-yet-another-silly-stealer-yass/
https://otx.alienvault.com/pulse/66e14e9f37e437974577602c