General

  • Target

    Apk cheat.exe

  • Size

    293KB

  • Sample

    240225-r7sxbseh8x

  • MD5

    614e229e10fe41a0b4e9a6fa6f856e74

  • SHA1

    06d61cb69492653dd0ba314d81414d9d16e72082

  • SHA256

    a7eb41e0e607b11745a856b4148ffaa9b946abb8c859a6fd9a31508bfb164af4

  • SHA512

    58645f3b55a6c517ce620b743405948e3c1468baa5bd7949848906d9ff26e4f6a0ab30be7f5946a80258f5e6d57714ac25a808182bb2efb6a6d9d6b1c1239569

  • SSDEEP

    6144:WloZMCrIkd8g+EtXHkv/iD4mIjHZHMgPbu35EwFQrb8e1mbi:goZRL+EP8mIjHZHMgPbu35EwFG1

Score
10/10

Malware Config

Extracted

Family

umbral

C2

https://discord.com/api/webhooks/1208680580292550706/JYQpV8ti3xthbisv0nXeuIo0cDhxYUq0TQ-IVRJbgAXhqC5-Hfg72JPVx2eqK2VncDLL

Targets

    • Target

      Apk cheat.exe

    Score
    10/10
    • Detect Umbral payload

    • Umbral

      Umbral stealer is an open-source modular stealer written in C#.

    • Drops file in Drivers directory

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other profile data.

    • Legitimate hosting services abused for malware hosting/C2

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

MITRE ATT&CK Enterprise v15

Tasks