General

  • Target

    f67268d2659ceb1e8cf8a7560784372294bcd8f249f7c0efdf33216722a5f0bbN

  • Size

    229KB

  • Sample

    241016-jyjcja1ajg

  • MD5

    56c788116da32ec8e9ac3b1b0e66b520

  • SHA1

    545f203f2bdf6fac2f131a76a5f36e21637b27ca

  • SHA256

    f67268d2659ceb1e8cf8a7560784372294bcd8f249f7c0efdf33216722a5f0bb

  • SHA512

    7da85b8e5f92f4a448a10f5c60c21f46b3eb511fda461b15956339ca7130c901e05ad58856a3a3903cdb52b81c4051d3bb0222e87aefab87136351d1ff01734f

  • SSDEEP

    6144:9loZM+rIkd8g+EtXHkv/iD4NFWuSQPL4PBECDjaawjmb8e1mmSsi:foZtL+EP8NFWuSQPL4PBECDjaEm

Score
10/10

Malware Config

Extracted

Family

umbral

C2

https://discord.com/api/webhooks/1260642604438126643/aa_UuahSUZkuOs2VlSIBCQbkyeOFMP2Ohl9qSBW53DeOIykNwknCmzQV8l5t08t9fhd5

Targets

    • Target

      f67268d2659ceb1e8cf8a7560784372294bcd8f249f7c0efdf33216722a5f0bbN

    • Size

      229KB

    • MD5

      56c788116da32ec8e9ac3b1b0e66b520

    • SHA1

      545f203f2bdf6fac2f131a76a5f36e21637b27ca

    • SHA256

      f67268d2659ceb1e8cf8a7560784372294bcd8f249f7c0efdf33216722a5f0bb

    • SHA512

      7da85b8e5f92f4a448a10f5c60c21f46b3eb511fda461b15956339ca7130c901e05ad58856a3a3903cdb52b81c4051d3bb0222e87aefab87136351d1ff01734f

    • SSDEEP

      6144:9loZM+rIkd8g+EtXHkv/iD4NFWuSQPL4PBECDjaawjmb8e1mmSsi:foZtL+EP8NFWuSQPL4PBECDjaEm

    Score
    10/10

    • Detect Umbral payload

    • Umbral

      Umbral stealer is an open-source modular stealer written in C#.

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

MITRE ATT&CK Matrix

Tasks