Extracted

• • Target

    nopen.exe

  • Size

    229KB

  • MD5

    d1763b6d491b8027a8812b3337e4fb03

  • SHA1

    d4a446e00e1c14e6dc4481ab0f9e97773e9cad7d

  • SHA256

    154115262885b920680ca7d9160a046a1d3d01ddadbe43ae9af80dad1c0b03d0

  • SHA512

    0a4711e51463ca4ec5bd65c6b518e4d89af654b44fe88dee68e2107b6a56a930d7cd5fa6d785947cedb4e7d42172c55190c4b28a981923dcce7bb31575a4c53e

  • SSDEEP

    6144:tloZMifsXtioRkts/cnnK6cMlaeTRR/k4XpG/BcoNqhyvI8e1mbi:voZetlRk83MlaeTRR/k4XpG/BcoNqZ1

  Score

  10^/10

  umbralpersistencestealer

  • Detect Umbral payload

  • Umbral

    Umbral stealer is an opensource moduler stealer written in C#.

    stealerumbral

  • Modifies Installed Components in the registry

    persistence

  • Enumerates connected drives

    Attempts to read the root path of hard drives other than the default C: drive.

  behavioral1