Extracted

• • Target

    e0310128f52613f4c4d92709888560dcfc9fd5d6501e1bd75b1c5ed3646cf8c0.exe

  • Size

    266KB

  • MD5

    1207c1981b07615b9c02fb400030fa04

  • SHA1

    02abf488720b4bd450fedc5a34ed59f66d8e73e8

  • SHA256

    e0310128f52613f4c4d92709888560dcfc9fd5d6501e1bd75b1c5ed3646cf8c0

  • SHA512

    4051b8d7f9c36e03141afb3c573fb3525a33238fd6ddb8085c78e31fe89b6f0ffbb77e54c5d21bc404bb1f69e3cf8280eb6d42196d84ee80e4dfd07b8eca3b0b

  • SSDEEP

    6144:HloZMLrIkd8g+EtXHkv/iD4LEXrfPlO2Zic1niinT4Xb8e1mfi/eYk:FoZ0L+EP8LQrfPlO2Zic1niinTqh/Zk

  Score

  10^/10

  umbralstealerdiscovery

  • Detect Umbral payload

  • Umbral

    Umbral stealer is an opensource moduler stealer written in C#.

    stealerumbral

  • Umbral family

    umbral

  • Downloads MZ/PE file

  • Looks up external IP address via web service

    Uses a legitimate IP lookup service to find the infected system's external IP.

  behavioral1behavioral2