General

  • Target

    2222.exe

  • Size

    227KB

  • Sample

    240205-m2nm7seaf3

  • MD5

    2d609a4bb5b23b1811bf7f18c8d86504

  • SHA1

    b3c21506848edd61dcc21e71ecbba740a9929f5b

  • SHA256

    419f948e7da8922465cefdda7d2a6b86adf6a6165c8bcf79963e5b2fd8a8f7d5

  • SHA512

    a73c96bba173c30e64a6d49a9da26b49fca44828f7d3aaa14d4070d1b55b0d0a891e3ba42565c6e94d4ebf085cbb6742b7f5c6956d1019d8fd4cdf07d13953e0

  • SSDEEP

    6144:+loZMorIkd8g+EtXHkv/iD44Z44KInDAvZMK7bCpHb8e1mp8i:ooZHL+EP84Z44KInDAvZMK7bC9qV

Score
10/10

Malware Config

Extracted

Family

umbral

C2

https://discord.com/api/webhooks/1204001041151164457/58E_8BYTbBaL7TinEq1fpWbHhcPMLkT4TgEE7gNN2nbqFlJil4PT-CZHLYhATtVyr6XM

Targets

    • Detect Umbral payload

    • Umbral

      Umbral stealer is an open-source modular stealer written in C#.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and similar sensitive information.

    • Legitimate hosting services abused for malware hosting/C2

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

MITRE ATT&CK Enterprise v15

Tasks