umbral

General

Target

CELEX LEAKED.zip
Size

94KB
Sample

231026-q3q2hacb8z
MD5

cbcff1034cbb80575ad07004ccf4f286
SHA1

b83ce7bdca39e27ca8e0a5960c74b803c17291d8
SHA256

9d74be4b5c98814c3a9729c891a8e902445cae0d3a061d4adaa13a65e22ad6f4
SHA512

c3eb8f8d6daece2143d653c5b06fca961b24ea833e2a0814ba6a16e02bbacc64a370bb47a017de7068cb47ef2af046d5cee17d80f10c5fa3d07e19a9e103c174
SSDEEP

1536:inZlxKCV2qw59IF+uyznvm9W0gH03naoSFFW5dPXDrjQQDZtCjtNPrd1MnlvtDzf:ihKCVY5c+nqn3Vcs5dvf8QfcPrd1SlB7

Score

10^/10

umbral stealer

Malware Config

Extracted

Family

umbral

C2

https://discord.com/api/webhooks/1159867757941248021/kDH2MiU4cAnsfOYaptXxvqYUieVnlJw2t5_0KzuiKnCK1LAiRTXBgUl31_OATShBGq4p

Targets

- Target
  
  CELEX LEAKED.zip
- Size
  
  94KB
- MD5
  
  cbcff1034cbb80575ad07004ccf4f286
- SHA1
  
  b83ce7bdca39e27ca8e0a5960c74b803c17291d8
- SHA256
  
  9d74be4b5c98814c3a9729c891a8e902445cae0d3a061d4adaa13a65e22ad6f4
- SHA512
  
  c3eb8f8d6daece2143d653c5b06fca961b24ea833e2a0814ba6a16e02bbacc64a370bb47a017de7068cb47ef2af046d5cee17d80f10c5fa3d07e19a9e103c174
- SSDEEP
  
  1536:inZlxKCV2qw59IF+uyznvm9W0gH03naoSFFW5dPXDrjQQDZtCjtNPrd1MnlvtDzf:ihKCVY5c+nqn3Vcs5dvf8QfcPrd1SlB7
Score

1^/10
behavioral1
- Target
  
  # CELEX LEAKED.exe
- Size
  
  232KB
- MD5
  
  8442a7b4adbddab8cf5216ca4dc24b86
- SHA1
  
  a66d601df351ec4c6b7bb945bdcd3bf9141c5cc0
- SHA256
  
  4c8fbdef33997462e43be2a94db398957b0d7fb3158e93e408b2ea530a06aa27
- SHA512
  
  5d592e4f431349b03a4af51926384057a78d01d5568a1d1bcbe9f9bd05c6644d6c1ac37462e04352295aaae55ca1133761d17d1bc63b443987ceac666572fe2e
- SSDEEP
  
  6144:rloZM+rIkd8g+EtXHkv/iD4KKZoDiAfbozxUyzzqqub8e1mXi:poZtL+EP8KwoDiAfbozxUyzzqxZ
Score

10^/10

umbral stealer
- Detect Umbral payload
- Umbral
  Umbral stealer is an opensource moduler stealer written in C#.
  stealer umbral
behavioral2
- Target
  
  word to celex..txt
- Size
  
  33B
- MD5
  
  197ed3aadacdd0606dd974b8c72dbdb5
- SHA1
  
  fb4e9155409cec40b39a720ff7d51c6ded5a287e
- SHA256
  
  4b14479d374c3d7b3971c2cf031f71460166e883a90b6cd7b76fb708fb12381b
- SHA512
  
  4314e3aadd7e34b12d9da5983e76b4d35fd0a768de86edf8560d0a4ea89de5682951d8f593d1eccfe7d748d69dcb812cbb80b41e5e53eef5f5bb1e16cb451c9f
Score

1^/10
behavioral3

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

2

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Resubmissions

Sharing

General

Malware Config

Extracted

Targets

Detect Umbral payload

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3