umbral | df837d571a8f552df3a44469366f7d6c37d433da7e6c7ca9becd765fc8ba0d96 | Triage

Submit
Reports

Overview

overview

Static

static

ASyncInstaller.exe

windows10-2004-x64

Sharing

General

Target

ASyncInstaller.zip
Size

92KB
Sample

230626-wx2hyacb9t
MD5

92cbb4a37908962409c06c3b49d1b10f
SHA1

77a6ee8b92e295e532cc336839d3bf4b4a4a5930
SHA256

df837d571a8f552df3a44469366f7d6c37d433da7e6c7ca9becd765fc8ba0d96
SHA512

793abf7191ae17f45ab58598be41e6701c07e9d79e26264d43739c40bb405513623778943d8d2b09aaeb08ebdd26de6dc365e35a54aa59392f39c177a85ce37d
SSDEEP

1536:g67eqQRbCDgubHUZb/H+YAyxBpooybvHqx5fpM7NQljth9m52JocwR5ypVOocPHX:laCDgubHUlf+YAgpoBHqjfpMqls5swSw

Score

10^/10

umbral stealer

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

ASyncInstaller.exe

Resource

win10v2004-20230621-en

windows10-2004-x64

10 signatures

1800 seconds

Malware Config

Extracted

Family

umbral

C2

https://canary.discord.com/api/webhooks/1122952465063612421/Bz3tYEXYmVU2e4c5-1j8AyVX1r6p9ZEvLpzX95HtQ7Rg9Ty4r__5k6VGkLtHJHfTL9F-

Targets

- Target
  
  ASyncInstaller.exe
- Size
  
  237KB
- MD5
  
  1f94b0726f9c4ccde5292a244e595c1e
- SHA1
  
  ee2db8938d1ac5592c6eacf365b1c120babb1322
- SHA256
  
  50a9e0e6b3593f062d99c960114ee9db03359c56f2c515a819a9b2d1f3826d24
- SHA512
  
  be5298ccae48eaaca14208d4de64683d50b4c0ce2ad41fff114e090f43e9ce42724fccc64cea09ae55dadf66dad96d367383c0680fabec271fbc409327be5bca
- SSDEEP
  
  6144:NloZMLXU9Zx0kt8X0/PSCsMPuzc9rI8jz67NokRShb8e1m+6il:PoZPf0kkP+uzc9rI8jz67NokRev
Score

10^/10

umbral stealer
- Detect Umbral payload
- Umbral
  Umbral stealer is an opensource moduler stealer written in C#.
  stealer umbral
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

© 2018-2025

Terms | Privacy