Overview

overview

10

Static

static

10

celex-main.exe

windows7-x64

10

celex-main.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    celex-main.exe

  • Size

    229KB

  • Sample

    230823-fvheaahh76

  • MD5

    c876042a9dc5dc33a953a49aa676524f

  • SHA1

    359f4ce116552d3118b0d866c974ef127dd3d76f

  • SHA256

    d8f6b5f8af4f9741a4f4c8b3b8bb3618120944b660eb6387ca8d3f0bb3d6d8d6

  • SHA512

    31f6087e90927c64bef27535321a679f7bd1f00e5c54ae52460b63c56244a8134dd47428627c9f8c99c13478a556fe4506a99f32664d64b6258b73c5c8221aaa

  • SSDEEP

    3072:rmpcjvqySgPA9+D9Cocawot18PeXndP5xHki0sMXSl8eN7sbXKcGTSYE:WcWoPAQRrt18ePxHk7y8eNYOpS

Score
10/10
umbralstealer

Malware Config

Extracted

Family

umbral

C2

https://discord.com/api/webhooks/1143539453261000744/aOaDeR72xE-7NCCQoV51Dj-HW0EE6N2H1U3a9GDATYTZYnQHD44szIHHhRvBmmTUv9JU

Targets

    • Target

      celex-main.exe

    • Size

      229KB

    • MD5

      c876042a9dc5dc33a953a49aa676524f

    • SHA1

      359f4ce116552d3118b0d866c974ef127dd3d76f

    • SHA256

      d8f6b5f8af4f9741a4f4c8b3b8bb3618120944b660eb6387ca8d3f0bb3d6d8d6

    • SHA512

      31f6087e90927c64bef27535321a679f7bd1f00e5c54ae52460b63c56244a8134dd47428627c9f8c99c13478a556fe4506a99f32664d64b6258b73c5c8221aaa

    • SSDEEP

      3072:rmpcjvqySgPA9+D9Cocawot18PeXndP5xHki0sMXSl8eN7sbXKcGTSYE:WcWoPAQRrt18ePxHk7y8eNYOpS

    Score
    10/10
    umbralstealer

    • Detect Umbral payload

    • Umbral

      Umbral stealer is an opensource moduler stealer written in C#.

      stealerumbral

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks