General

  • Target

    Impact.exe

  • Size

    6.3MB

  • Sample

    240304-swagaadf3v

  • MD5

    eb0e04cc115c3dbae1a4c72872403c36

  • SHA1

    b8ad299c7b5dd2457aab50670e34061e093fd55d

  • SHA256

    5c14655f524f959b7cf27da32d3994e63329a5ad86e7e1bc98fe08a641ad9234

  • SHA512

    ca155aced689e5d0494709edea775db5b17b06027569dba9f6e1ef1370abeb57952c55740e92090ed8186363e48f119c64eb1a84267a642aba725da1a0073e89

  • SSDEEP

    98304:nB38757d1xzB92ETr/SG/e6ML0kySVPziZ42xBTBcSn7JNXjEFsZg5co:Bs7D1xH3/SG/KL0fSNmZ9xhBj7zzes6B

Score
10/10

Malware Config

Targets

    • Detect Umbral payload

    • Umbral

      Umbral Stealer is an open-source modular stealer written in C#.

    • Checks computer location settings

      Looks up the country code configured in the registry, most likely for geofencing (avoiding execution in certain regions).

    • Executes dropped EXE

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, cookies and other session data.

    • Legitimate hosting services abused for malware hosting/C2

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

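The signature list above names the behaviours the sandbox observed but not how such labels are derived from raw telemetry. The following Python is an added example, not part of this report or of the sandbox's own detection engine: it runs four of the listed behaviours as rules over a small constructed API-call trace. The trace format, the registry location (Control Panel\International\Geo), the set of IP-lookup hosts, the browser file names and every path in it are illustrative assumptions; only the process name comes from the report.

```python
import json
from collections import defaultdict

# Constructed sample trace (not from the sandbox run described on the page):
# one JSON object per line, loosely modelled on the API-call log a sandbox
# would produce. Every path, key and domain below is an illustrative
# assumption; only the image name Impact.exe comes from the report.
SAMPLE_TRACE = r"""
{"pid": 1234, "image": "Impact.exe", "op": "reg_query", "key": "HKCU\\Control Panel\\International\\Geo", "value": "Nation"}
{"pid": 1234, "image": "Impact.exe", "op": "file_write", "path": "C:\\Users\\user\\AppData\\Local\\Temp\\svc.exe"}
{"pid": 1234, "image": "Impact.exe", "op": "process_create", "path": "C:\\Users\\user\\AppData\\Local\\Temp\\svc.exe"}
{"pid": 1234, "image": "Impact.exe", "op": "dns_query", "name": "api.ipify.org"}
{"pid": 1234, "image": "Impact.exe", "op": "file_read", "path": "C:\\Users\\user\\AppData\\Local\\Google\\Chrome\\User Data\\Default\\Login Data"}
{"pid": 5678, "image": "svchost.exe", "op": "dns_query", "name": "update.microsoft.com"}
{"pid": 5678, "image": "svchost.exe", "op": "reg_query", "key": "HKLM\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion", "value": "ProductName"}
"""

# Assumed indicator lists (hand-picked for this example, not taken from the
# report): the registry location Windows uses for the configured country,
# a few public IP-lookup services, and the files browsers keep secrets in.
GEO_KEY_FRAGMENT = "\\control panel\\international\\geo"
IP_LOOKUP_HOSTS = {"api.ipify.org", "ip-api.com", "icanhazip.com",
                   "ifconfig.me", "checkip.amazonaws.com"}
BROWSER_SECRET_FILES = ("login data", "logins.json", "cookies", "web data")
BROWSER_DIR_FRAGMENTS = ("\\google\\chrome\\", "\\microsoft\\edge\\",
                         "\\mozilla\\firefox\\", "\\bravesoftware\\")


def parse_trace(text):
    """Parse one JSON event per non-empty line; lines that are not JSON are skipped."""
    events = []
    for line in text.splitlines():
        line = line.strip()
        if not line:
            continue
        try:
            events.append(json.loads(line))
        except json.JSONDecodeError:
            continue
    return events


def match_signatures(events):
    """Return {image: sorted signature names} for the behaviours seen in the trace.

    Signature names mirror the labels used in the report. 'Executes dropped
    EXE' is stateful: it fires only when a process starts an image that the
    same process wrote to disk earlier in the trace.
    """
    hits = defaultdict(set)
    written = defaultdict(set)   # pid -> lowercase paths that pid wrote
    for ev in events:
        pid, image, op = ev.get("pid"), ev.get("image", "?"), ev.get("op")
        if op == "reg_query" and GEO_KEY_FRAGMENT in ev.get("key", "").lower():
            hits[image].add("Checks computer location settings")
        elif op == "file_write":
            written[pid].add(ev.get("path", "").lower())
        elif op == "process_create":
            if ev.get("path", "").lower() in written[pid]:
                hits[image].add("Executes dropped EXE")
        elif op == "dns_query":
            if ev.get("name", "").lower() in IP_LOOKUP_HOSTS:
                hits[image].add("Looks up external IP address via web service")
        elif op == "file_read":
            p = ev.get("path", "").lower()
            if any(d in p for d in BROWSER_DIR_FRAGMENTS) and p.endswith(BROWSER_SECRET_FILES):
                hits[image].add("Reads user/profile data of web browsers")
    return {img: sorted(sigs) for img, sigs in hits.items()}


def triage(text=SAMPLE_TRACE):
    """Parse a trace and return the matched signatures per process image."""
    return match_signatures(parse_trace(text))


if __name__ == "__main__":
    for image, sigs in triage().items():
        print(image)
        for sig in sigs:
            print("  -", sig)
```

Only the sample process accumulates signatures; the benign svchost.exe events (a DNS query to a Microsoft host and a read of ProductName) match nothing, and a process start without a preceding write by the same PID does not count as executing a dropped file.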
MITRE ATT&CK Enterprise v15

Tasks