Extracted

• • Target

    0x000a000000012248-8.dat

  • Size

    232KB

  • MD5

    4867d27de23cded5f2229c322bf6f3fe

  • SHA1

    04cd16ac5d6a2f5b7bc1db8cdefd128d0f6c2fe1

  • SHA256

    94357a5e0e0d52490a07fffd0a8940f7ffdf25acb16602d83120fc99722f88eb

  • SHA512

    b7ced6d7a420c55813388755d765a015cb65c6393cdeffaff4be6cb7c00845434161a3282ce7d316800da42766d9c309487dc2e96b74340f47b20032632f8909

  • SSDEEP

    6144:iloZM7rIkd8g+EtXHkv/iD4j9TBMS1Nm3zus9x4yqb8e1mBi:soZ0L+EP8j9TBMS1Nm3zus9x4FL

  Score

  10^/10

  umbralstealer

  • Detect Umbral payload

  • Umbral

    Umbral stealer is an opensource moduler stealer written in C#.

    stealerumbral

  • Umbral family

    umbral

  • Looks up external IP address via web service

    Uses a legitimate IP lookup service to find the infected system's external IP.

  behavioral1behavioral2