Resubmissions

  • 26-06-2023 18:25  230626-w2tznabc97  Score 10
  • 26-06-2023 18:24  230626-w17t5acb91  Score 10
  • 26-06-2023 18:22  230626-wz7gzabc88  Score 10

General

  • Target

    testone.exe

  • Size

    229KB

  • Sample

    230626-wz7gzabc88

  • MD5

    27eade2098a995bea21837cc28399e7e

  • SHA1

    3100f2f77ca8fd8d6c3f6a55285650e0f9ffaffe

  • SHA256

    4cbe7a16f2a8df8a51aa0f50f65d9d97195b254072589e87c54ba53e458c8a89

  • SHA512

    3830c7b09d3c250d3a7faf6adce46fabb45dd4ca96ad4e647b7b3c51987d79282a10030b7363fac380de642ab1a1940767dc5ce23b7d92429e984d73f0ffb53f

  • SSDEEP

    6144:9loZMXXU9Zx0kt8X0/PSCsMT9aY6ecjfU61gevPeDAb8e1m4i:foZDf0kkP6AY6ecjfU61gevPes6

Score
10/10

Malware Config

Extracted

Family

umbral

C2

https://canary.discord.com/api/webhooks/1122952465063612421/Bz3tYEXYmVU2e4c5-1j8AyVX1r6p9ZEvLpzX95HtQ7Rg9Ty4r__5k6VGkLtHJHfTL9F-

Targets

    • Target

      testone.exe

    (Size, hashes and score for this target are identical to those listed under General above.)
    • Detect Umbral payload

    • Umbral

      Umbral stealer is an open-source modular stealer written in C#.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, etc.

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

MITRE ATT&CK Enterprise v6

Tasks