umbral | 0ee57e25d9dccaa575f6bcd6aa484819da305bb44fe42b88a051061f11713274 | Triage

Submit
Reports

Overview

overview

Static

static

3

Order-Ref ...23.rar

windows7-x64

3

Order-Ref ...23.rar

windows10-2004-x64

3

Order-Ref ...23.exe

windows7-x64

Order-Ref ...23.exe

windows10-2004-x64

Sharing

General

Target

Order-Ref UT15312 07.2023.arj
Size

622KB
Sample

230727-dg9khaaa5t
MD5

91c62b5cfa065013bb48225d0ee7eaac
SHA1

51c8e1dca096276d57bcae926df630d867cf74cd
SHA256

0ee57e25d9dccaa575f6bcd6aa484819da305bb44fe42b88a051061f11713274
SHA512

78aefd6b6fd97b96882c4d2df794e9b70ec316c922ced6f523dbb5025044099259600dba5582b10996737053e3a2725050fa166a1d98d76515243f9ad82d422d
SSDEEP

12288:0vdetIVhNAwsBY1qY+KoU6vQ4fnosnr3D975aURNfpXHec9jHBoyQ:0jhNApe1qtKoU6Y4fnH3B75JRNxuiBoT

Score

10^/10

umbral stealer

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

Order-Ref UT15312 07.2023.rar

Resource

win7-20230712-en

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

Order-Ref UT15312 07.2023.rar

Resource

win10v2004-20230703-en

windows10-2004-x64

3 signatures

150 seconds

Behavioral task

behavioral3

Sample

Order-Ref UT15312 07.2023.exe

Resource

win7-20230712-en

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral4

Sample

Order-Ref UT15312 07.2023.exe

Resource

win10v2004-20230703-en

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Targets

- Target
  
  Order-Ref UT15312 07.2023.arj
- Size
  
  622KB
- MD5
  
  91c62b5cfa065013bb48225d0ee7eaac
- SHA1
  
  51c8e1dca096276d57bcae926df630d867cf74cd
- SHA256
  
  0ee57e25d9dccaa575f6bcd6aa484819da305bb44fe42b88a051061f11713274
- SHA512
  
  78aefd6b6fd97b96882c4d2df794e9b70ec316c922ced6f523dbb5025044099259600dba5582b10996737053e3a2725050fa166a1d98d76515243f9ad82d422d
- SSDEEP
  
  12288:0vdetIVhNAwsBY1qY+KoU6vQ4fnosnr3D975aURNfpXHec9jHBoyQ:0jhNApe1qtKoU6Y4fnH3B75JRNxuiBoT
Score

3^/10
behavioral1 behavioral2
- Target
  
  Order-Ref UT15312 07.2023.exe
- Size
  
  648KB
- MD5
  
  ef453336c093eeabb30bb54c788d640e
- SHA1
  
  808fd09c9121898ae8af98852a981b51a8e362e8
- SHA256
  
  e673799c649ad85cfac2fdca9ca5924ba17e7d7f10220ea183f81a9f25d3418e
- SHA512
  
  2df3cf544fbc9764ae3fae28e73f9e90bbec5e5c7ba5ae1390dbf7968b9ac2da96b569e4343ff74b4b7ef299b5dc05cb2b1fb2c9498f2e61d7e6bf10f6ccd40d
- SSDEEP
  
  12288:8f2iN2GULjRpIRbUatfj3VMFJdWe4bwdD2QROHp/ZxBvH9ZycelO2m:8f1xULjRpIuOjSpV48dD+fBvnelO2m
Score

10^/10

umbral stealer
- Detect Umbral payload
- Umbral
  Umbral stealer is an opensource moduler stealer written in C#.
  stealer umbral
- Suspicious use of SetThreadContext
behavioral3 behavioral4

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

© 2018-2025

Terms | Privacy