General
-
Target
Umbral.Stealer (2).zip
-
Size
3.3MB
-
Sample
241102-f1pesaxqbx
-
MD5
f355889db3ff6bae624f80f41a52e619
-
SHA1
47f7916272a81d313e70808270c3c351207b890f
-
SHA256
8e95865efd39220dfc4abebc27141d9eae288a11981e43f09cbee6bf90347fe0
-
SHA512
bff7636f6cc0fadfd6f027e2ebda9e80fd5c64d551b2c666929b2d990509af73b082d739f14bb1497be292eafe703ebd5d7188493e2cc34b73d249fe901820eb
-
SSDEEP
98304:XINn7mVoLvbDU48xzliDSjtYV2jg0tsGTplmOhl88uF:mjLvvD8BcSjtAB0zplNl8Z
Behavioral task
behavioral1
Sample
Bunifu.Licensing.dll
Resource
win7-20241010-en
Behavioral task
behavioral2
Sample
Bunifu.Licensing.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral3
Sample
Bunifu.UI.WinForms.1.5.3.dll
Resource
win7-20241010-en
Behavioral task
behavioral4
Sample
Bunifu.UI.WinForms.1.5.3.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral5
Sample
Bunifu.UI.WinForms.BunifuButton.dll
Resource
win7-20240903-en
Behavioral task
behavioral6
Sample
Bunifu.UI.WinForms.BunifuButton.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral7
Sample
Bunifu.UI.WinForms.BunifuCheckBox.dll
Resource
win7-20241023-en
Behavioral task
behavioral8
Sample
Bunifu.UI.WinForms.BunifuCheckBox.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral9
Sample
Bunifu.UI.WinForms.BunifuCircleProgress.dll
Resource
win7-20240903-en
Behavioral task
behavioral10
Sample
Bunifu.UI.WinForms.BunifuCircleProgress.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral11
Sample
Bunifu.UI.WinForms.BunifuColorTransition.dll
Resource
win7-20240729-en
Behavioral task
behavioral12
Sample
Bunifu.UI.WinForms.BunifuColorTransition.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral13
Sample
Bunifu.UI.WinForms.BunifuDataGridView.dll
Resource
win7-20240903-en
Behavioral task
behavioral14
Sample
Bunifu.UI.WinForms.BunifuDataGridView.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral15
Sample
Bunifu.UI.WinForms.BunifuDatePicker.dll
Resource
win7-20241010-en
Behavioral task
behavioral16
Sample
Bunifu.UI.WinForms.BunifuDatePicker.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral17
Sample
Bunifu.UI.WinForms.BunifuDropdown.dll
Resource
win7-20240903-en
Behavioral task
behavioral18
Sample
Bunifu.UI.WinForms.BunifuDropdown.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral19
Sample
Bunifu.UI.WinForms.BunifuFormDock.dll
Resource
win7-20240903-en
Behavioral task
behavioral20
Sample
Bunifu.UI.WinForms.BunifuFormDock.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral21
Sample
Bunifu.UI.WinForms.BunifuGauge.dll
Resource
win7-20240729-en
Behavioral task
behavioral22
Sample
Bunifu.UI.WinForms.BunifuGauge.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral23
Sample
Bunifu.UI.WinForms.BunifuGradientPanel.dll
Resource
win7-20240903-en
Behavioral task
behavioral24
Sample
Bunifu.UI.WinForms.BunifuGradientPanel.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral25
Sample
Bunifu.UI.WinForms.BunifuGroupBox.dll
Resource
win7-20240903-en
Behavioral task
behavioral26
Sample
Bunifu.UI.WinForms.BunifuGroupBox.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral27
Sample
Bunifu.UI.WinForms.BunifuImageButton.dll
Resource
win7-20241010-en
Behavioral task
behavioral28
Sample
Bunifu.UI.WinForms.BunifuImageButton.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral29
Sample
Bunifu.UI.WinForms.BunifuLabel.dll
Resource
win7-20241023-en
Behavioral task
behavioral30
Sample
Bunifu.UI.WinForms.BunifuLabel.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral31
Sample
Bunifu.UI.WinForms.BunifuPages.dll
Resource
win7-20240903-en
Behavioral task
behavioral32
Sample
Bunifu.UI.WinForms.BunifuPages.dll
Resource
win10v2004-20241007-en
Malware Config
Targets
-
-
Target
Bunifu.Licensing.dll
-
Size
1.3MB
-
MD5
2b2740e0c34a46de31cf9da8a75d77cf
-
SHA1
242324f1112e6387cda41686291b6e9a415eeb8c
-
SHA256
a9be91cae167702885a5ca74273db779e3e391e2e604cc03779ed403c53ebe43
-
SHA512
605eb300b159e6ed2ee872b6ee378eed7dde6541000221fcd94d52057be91cb3c7dd65c7203f05e0718303b157b6fb941498b5e653501f97f0417d459da6bc40
-
SSDEEP
24576:ebkurkdR5uuMeiPUf2lHmdpjrcbYdwcqMw5LTvBrq/WGs1xGUfGUCco:a1roD9MeiUDDjrW4bqD5LDBrqWG0GUfX
Score
1/10
-
-
-
Target
Bunifu.UI.WinForms.1.5.3.dll
-
Size
342KB
-
MD5
41c216d27c71a227774e680e95e99f31
-
SHA1
0a2a93d4ecbf4bbec2faf110066c6b4472b0dbf5
-
SHA256
012d717b4ac00c3686a772757f49c1908e223624e3974314cdb9fc9291073305
-
SHA512
e355ba11e41b668e4459f709e87c3e212c8986ea894791d9155791ea9d7315372fb51531eb69204ed2ee38e242de7629e4a2f090c05bf9deeea9ea965ffaf651
-
SSDEEP
6144:3e5XJsDZGUbIf5kqw23B1Q8g2iYcHIc6uWXMIFidNw:qMZGUbIf5T37Q8ncHNAMhNw
Score
1/10
-
-
-
Target
Bunifu.UI.WinForms.BunifuButton.dll
-
Size
107KB
-
MD5
21f999e5ac72a16077511d41590822de
-
SHA1
d8bb1a8a291f73cdf2b5658b2b65736c87db19dd
-
SHA256
2a62c78f1f0db2e3258135b50f7885e6734c31c74a8f2f5782f285aa268c2f71
-
SHA512
e04fe31870f266d772829053a6bb210a9513ff5c8c0f9a3a267ddbe1875125496caa602baf44a4e241ef84d933bd55b79af43d5871ed10c81711adecee78b8e3
-
SSDEEP
3072:tgiMibnDED3/7f2ih0xdGzFpzUHgmCFKHUUZP0tTwmnkyY:xDDED3/7f2ih0xdGzFpzUHgmCFKHvF0e
Score
1/10
-
-
-
Target
Bunifu.UI.WinForms.BunifuCheckBox.dll
-
Size
102KB
-
MD5
ef11f59a9381df17d7ab94434f79f260
-
SHA1
ec11e46a636fe3927fd5fa7c30be65b958853ef0
-
SHA256
390252aeb6fd76a954a03853c3d883e0360dc8b3f2cf8cfed5ba94e4e5a24da4
-
SHA512
612b1b0f9204c605ff5e9b91816e674cdaea71fa69f81a5a7f475bf1cc8d5e12687deb1b0118b07b3d7e4764adede0576f8fc799f8155a65a70e5dafff50f73d
-
SSDEEP
1536:JiQsfF22IDMxiQ9MOWnce1Cua4JfhwuKeWbZ6YlX52o3tWQFeOvTT:JifF22IoxChnv1CuhW1xCwdeOvX
Score
1/10
-
-
-
Target
Bunifu.UI.WinForms.BunifuCircleProgress.dll
-
Size
77KB
-
MD5
bc930a050ca23ea75dbd9deade4189bb
-
SHA1
e6878d381ac1c37c331fd01a25b2ec508e1c1a21
-
SHA256
d5ed95667aa44a80278b80a90413c0de9d85eeb3ca1fa24a40ae71c3ad88d837
-
SHA512
20e2bb3661d2817082c2aa01381b5aee8582fea5fc54be486de5b1e48f302a15779ebe5670221774a5a4d031248b342f3c86084de4f023c197cd210857fb3ff3
-
SSDEEP
768:A8ioretsy7GQLZvAQFe1zbnprSBaqII0OsWjc1B5Nl4WfWQAz6uJi8B4dgUp2hQf:JixnZYQFe722Wj8l4oL+6uJ/BZ4ZTz
-
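Score
1/10 on windows7-x64 (behavioral9), 10/10 on windows10-2004-x64 (behavioral10), per the report's per-task scores. This is the only target in the listing with signatures; because the same DLL scored differently on the two images, the 1/10 scores on the other targets describe what those runs observed, not a clean verdict.
-
Detect Umbral payload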
-
Umbral family
-
Downloads MZ/PE file
-
Executes dropped EXE
-
Legitimate hosting services abused for malware hosting/C2
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
-
-
Target
Bunifu.UI.WinForms.BunifuColorTransition.dll
-
Size
38KB
-
MD5
539d803013c0b1592d0e17a740d72687
-
SHA1
b0ce15e0f096d027b1d1482afa9d93bafd160f7a
-
SHA256
500adece1fba76dfb2fa628de9886a2661ed1a4e58a7717a5fee607206bb1d81
-
SHA512
77d8ab7a949db41a79371cf2ebd5d67bd4a38dd040de0073c878f50b2a6409fae2dc5db7cbf375fbc1bc571838b0a6d4848bdecc1420d91633b878585c94b9dd
-
SSDEEP
768:2SfWaEnnh2U2DaRIx0qVuQ/90iAzNIewCqyU659bTTvtM/3JhQTifZs:cs0qVb/95+6ewCqyZ9bfvk0TWZs
Score
1/10
-
-
-
Target
Bunifu.UI.WinForms.BunifuDataGridView.dll
-
Size
83KB
-
MD5
53765ad5b31fd87986a569bbb79f402c
-
SHA1
75c7ec63458c79ded533d1d4175de4117036adae
-
SHA256
9e61bd6dbcc8d5866bf3a139ea12f453ef4ca8bab28c08329cbc5f0bf13950df
-
SHA512
ea129aab13b09e817be6210bc423bcf4e024c83a5a0340941e7658d4dd0ef6f3b40077527f7d168849ad947650a00d360fa6a5f64c4a8f14dfe72cd4d34469d3
-
SSDEEP
1536:YNBBIrOTrgVCuiPwacJigM8H+duT0R0xSJQ9FTiIb8EtTG:YNBoGgsPiJfedkvu/IFtC
Score
1/10
-
-
-
Target
Bunifu.UI.WinForms.BunifuDatePicker.dll
-
Size
50KB
-
MD5
a05882bac172c61b5b1bd3f4a56b4320
-
SHA1
9a725973aa498472c253382ff8d766a5d3a41697
-
SHA256
3c1ac3e39665e49327b64887131a53c63379de884b3a6f9a0ab96a36e882ceb7
-
SHA512
a503f5cd0211b123618ecaff83a7930a6b547a1afaad1b93cc5e60bc859e255585a8a94832747422de139f2fe6451b2fcf46b31bac20e12ce60f97983e1af493
-
SSDEEP
768:KMzEetGON+bjRFOchYvP0pbwk4LAzn21AXrpKXyvcgq8/i7l5THL8ZFxIZYzUebj:HsONqjRFO2ZxXpHraUNaT0
Score
1/10
-
-
-
Target
Bunifu.UI.WinForms.BunifuDropdown.dll
-
Size
50KB
-
MD5
5bc3c478e3c44caf765c6e998dc621f0
-
SHA1
8cd06d3ec991ae3d5c0d935ea03fd7c06d504d53
-
SHA256
f746eef49caaf23939999a89c86787e6d1f4e4c16f667bcfebcaeacb5276e0c8
-
SHA512
3990c0a716e2e0619cd969d75666cacf695b6d40a118ead8a810997a594b558250e4a661e303f383f58bc52cac90e84a2049a50a1295f762b2bdbdb8661c33f0
-
SSDEEP
768:WxidV98e5TsEQgzWC/Vzv/8vWvLMFZhjd5hQTi7q:Y3ehsEQAWQHgW4Zhx0TN
Score
1/10
-
-
-
Target
Bunifu.UI.WinForms.BunifuFormDock.dll
-
Size
102KB
-
MD5
fff8d46f94011c5bfa4bc1d1fbde3eaa
-
SHA1
c5e978eb89e9646423c3b2a1d7d2651cdbee90f0
-
SHA256
f8052b4641fea785ef643bc06d0e5383555c0845bbe695099bc41ab09a180ef6
-
SHA512
61af0253c05bd33d43d34799eb74d97ae9e3e700281273895026d690f39e3de97034ee51511284a4b6a4150d31977f7ac6fbf4047aa19825564a15eae8be079a
-
SSDEEP
3072:wVypYUOJdOb8UD8m1PxGFXflE2BHjvZKDq6CN:wVypYUSXdbBjvZKDq1N
Score
1/10
-
-
-
Target
Bunifu.UI.WinForms.BunifuGauge.dll
-
Size
74KB
-
MD5
161768e00f22118c66a84d22e658b008
-
SHA1
7645e52d1aeac19169c8cd1b411200ee808295b8
-
SHA256
0edc3396eb94c33fca4889c5a379e29aed354469957ee55893f565d8f824cacc
-
SHA512
cfcbc3e642f6f9cf904b993a6112e2304055cd88e9bbe2d818842d4e93a5f71ff6a09f8d36c6a64de8701435cabbddbff765307f8c110dcb5bb14d805aeb3422
-
SSDEEP
768:POPW1cKm3/WnwISrek0JCPRjNEp5lW1T31fNEDqz6Zi6EgmaFLGiLjyQXAhQTiQb:PUZewEQRSXlEaDA6w3g7wi3yWLTbb
Score
1/10
-
-
-
Target
Bunifu.UI.WinForms.BunifuGradientPanel.dll
-
Size
60KB
-
MD5
58be3fb2879bf2614b7854b0e184521a
-
SHA1
fbdce08394b1d11a961c0684d5c0013507dff9e5
-
SHA256
6811dc0f98d2ce9816475207badd010564b7be460f48b8480664f9184824ce5f
-
SHA512
a5635f09a943e0dd969b648ab7d929ba16d734ebc13f96ebde95d1a5cd91e14ba1b2e105c7414816f3d535bbe2be4ad861a16e25d84c2d12dd025898f3743b0d
-
SSDEEP
1536:FpoDvSiiUiiJiiJiiYiKbfbD7v055J6O5v2wunCT6:aSiiUiiJiiJiiYiKbz+bB0Ce
Score
1/10
-
-
-
Target
Bunifu.UI.WinForms.BunifuGroupBox.dll
-
Size
46KB
-
MD5
e86aafa7c25a2f1654cf95657cacc39c
-
SHA1
c9ab7d835b24b294309abed83efff4cdf102906b
-
SHA256
637b5cac86e245c53af91e41e6479de42df1b5fa5a524f931e034f5b5ee1f259
-
SHA512
8b043a2434681773c6e3d8e73fde70fbb666f57a30f5e3514634ccf5c714979fa89769fc54e3e01fba91c5ac916db44054fdd2a65b4a6c35869b695b8696d96a
-
SSDEEP
768:jODM3ey49Uo613D9ddld3LTeBNsRfMzIz6FzHGptXZEchQTits:jODM3eySWd3/jRam6FzHG2HT6s
Score
1/10
-
-
-
Target
Bunifu.UI.WinForms.BunifuImageButton.dll
-
Size
155KB
-
MD5
7d68b8af58c87ee29eca74fe8ef2f093
-
SHA1
16e8d2004d2c3a71a8dcb6983b72537079ccfd3b
-
SHA256
32b8eb2fae4a14e8319448cd173b73a8e63234b3816d6407ef95be204cec226d
-
SHA512
6c3f90e7596e0a73cc5da77b92b2d4ed248e49aba2c0c299be4400b8841782415820a44bcca1635a224edc90444559ed14de7dc23fbb7133c0bd86fe93ecd236
-
SSDEEP
3072:28cu9fbsLqRKynlLWwUGR3BKRqbpqtqzh4E6jt/:zfbsFulLASYqddzcZ/
Score
1/10
-
-
-
Target
Bunifu.UI.WinForms.BunifuLabel.dll
-
Size
420KB
-
MD5
73ca0338c9c3b7901d3621b346c76a7a
-
SHA1
79d26ee6e1bf0beb2ee0593562592de8ff01935b
-
SHA256
a505193910f7b8fd6123c00bb437bff3d2a4f28c970e24207d395554765e6ad4
-
SHA512
53e0b84dffbec8e465955bc91f1207ba56a55543ba3c00c66997b3ee3d4cb904e027915a12f7a9dc79ffef4cde633c9b7543436c4ab97785ca2169bc3d4aeede
-
SSDEEP
6144:IMiEH8iZBKX+7haZYjw1MLZRD0fxrmfD4DJL5f:IMNhZjwKLDCVf5f
Score
1/10
-
-
-
Target
Bunifu.UI.WinForms.BunifuPages.dll
-
Size
95KB
-
MD5
170b18df5b12f1eb01c2de4a03e1a043
-
SHA1
2fa3dde71cd17bc2a9fbe8dc05f5e50c94f6cb16
-
SHA256
633c77cbd4074c428a593e9c9769926ecfd484b40305062c6c268edb1fac44ff
-
SHA512
8af0aac446d8efbd0b6cfa58093e21b1201e03057df42d922215237adeebee7d5fc9096d526761424092c2131ae3e0ba9696cf2b51b3aff4f91f0e1902b1b053
-
SSDEEP
1536:QbEFvWVvz9NOLQ1p7eCweuT2CWvlcHF/BmEwMDc2xgAPWTUh:bvmZkLQ/wLT2LcHZBiMVxgAPWwh
Score
1/10
-