General

  • Target

    idk2.exe

  • Size

    235KB

  • Sample

    240212-cgyybsfb6s

  • MD5

    d68fd8be41d485b139ea640cabdf67f5

  • SHA1

    84b9aaf719f73475cd38734229bd3bba02ddbf71

  • SHA256

    68d09f04adfbf4e1f6735771a83da8b3869e236dc2154bb3ae89ccc03e10abf4

  • SHA512

    b457364be0e9ec42cdf1d486ed2ce54e8f1df309fd817fc708802476b37b6b630b9dcbf334d7476c9b83e9ccb06df66a2eed4afad42b50d3d7a64c95adc8df4d

  • SSDEEP

    6144:7eWRxYAv9MFiTC6SxlcACBT+jAtGSAdd2ylRHnry6oYCX:711MFUuxDGwJd2ylhnG6oYCX

Score
10/10

Malware Config

Extracted

Family

umbral

C2

https://discord.com/api/webhooks/1204944287041847307/aoa_S28cr8V4g11xswAZC9SdvRJS8ygczDK-GfItmMFXCcL2edroJI5lraSE-OISlf6d
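The extracted C2 is a Discord webhook, so the practical hunt is for webhook URLs in other samples' configs and in outbound proxy traffic. The script below is an added example, not part of the sandbox report or of Umbral itself: it matches Discord webhook URLs, recovers the creation time from the webhook's snowflake ID (Discord snowflakes carry a millisecond timestamp in their top 42 bits, counted from 2015-01-01T00:00:00Z), and flags webhook POSTs in a proxy log while leaving ordinary Discord API traffic alone. The proxy log lines are constructed for the example; only the webhook URL comes from this page. The token is a live write credential for the channel, so the code deliberately does not return it: report the URL to Discord for takedown rather than posting to it.

```python
"""Hunt for Discord-webhook C2 (as used by Umbral) in extracted configs and proxy logs."""
import re
from datetime import datetime, timezone

# Umbral-style webhook C2: discord.com or discordapp.com, /api/webhooks/<id>/<token>.
# The id is a Discord snowflake; the token is the write credential for the webhook.
WEBHOOK_RE = re.compile(
    r"https?://(?:ptb\.|canary\.)?discord(?:app)?\.com/api/webhooks/"
    r"(\d{17,20})/([A-Za-z0-9_\-]{40,})"
)

# Discord snowflakes carry a millisecond timestamp in their top 42 bits,
# counted from 2015-01-01T00:00:00Z.
DISCORD_EPOCH_MS = 1_420_070_400_000


def snowflake_to_datetime(snowflake: int) -> datetime:
    """Creation time encoded in a Discord snowflake (webhook, channel, user IDs)."""
    ms = (snowflake >> 22) + DISCORD_EPOCH_MS
    return datetime.fromtimestamp(ms / 1000, tz=timezone.utc)


def extract_webhooks(text: str) -> list[dict]:
    """Every Discord webhook URL in text, with its host, id and creation time.

    The token is deliberately not returned: it lets anyone post to the channel,
    so it should be reported for takedown, not copied into tickets or reused.
    """
    hits = []
    for m in WEBHOOK_RE.finditer(text):
        wid = int(m.group(1))
        hits.append({
            "host": m.group(0).split("/")[2],
            "webhook_id": wid,
            "created": snowflake_to_datetime(wid),
        })
    return hits


def scan_proxy_log(lines) -> list[dict]:
    """Flag requests to a Discord webhook; other Discord API traffic does not match."""
    findings = []
    for line in lines:
        for hit in extract_webhooks(line):
            hit["log_line"] = line
            findings.append(hit)
    return findings


# Sample input. SAMPLE_C2 is the webhook extracted from this sample; the proxy
# log lines around it are constructed for this example.
SAMPLE_C2 = ("https://discord.com/api/webhooks/1204944287041847307/"
             "aoa_S28cr8V4g11xswAZC9SdvRJS8ygczDK-GfItmMFXCcL2edroJI5lraSE-OISlf6d")

CONSTRUCTED_PROXY_LOG = [
    "2024-02-12T09:41:02Z 10.0.0.23 GET https://discord.com/api/v9/gateway 200",
    "2024-02-12T09:41:05Z 10.0.0.23 POST " + SAMPLE_C2 + " 204",
    "2024-02-12T09:41:07Z 10.0.0.23 GET https://cdn.discordapp.com/avatars/1/a.png 200",
]

if __name__ == "__main__":
    for f in scan_proxy_log(CONSTRUCTED_PROXY_LOG):
        print(f"webhook {f['webhook_id']} on {f['host']} "
              f"created {f['created']:%Y-%m-%d %H:%M:%S}Z  <- {f['log_line']}")
```

For this sample the webhook ID decodes to a creation time of 2024-02-08 UTC, four days before the 240212 sandbox submission, which is a useful pivot: webhooks created shortly before first sighting, and any other samples sharing the same webhook ID, belong to the same campaign.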

Targets

    • Target

      idk2.exe

    • Size

      235KB

    • MD5

      d68fd8be41d485b139ea640cabdf67f5

    • SHA1

      84b9aaf719f73475cd38734229bd3bba02ddbf71

    • SHA256

      68d09f04adfbf4e1f6735771a83da8b3869e236dc2154bb3ae89ccc03e10abf4

    • SHA512

      b457364be0e9ec42cdf1d486ed2ce54e8f1df309fd817fc708802476b37b6b630b9dcbf334d7476c9b83e9ccb06df66a2eed4afad42b50d3d7a64c95adc8df4d

    • SSDEEP

      6144:7eWRxYAv9MFiTC6SxlcACBT+jAtGSAdd2ylRHnry6oYCX:711MFUuxDGwJd2ylhnG6oYCX

    Score
    10/10
    • Detect Umbral payload

    • Umbral

      Umbral stealer is an open-source modular stealer written in C#.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing (skipping execution in certain regions).

    • Executes dropped EXE

    • Loads dropped DLL

MITRE ATT&CK Enterprise v15

Tasks