umbral | 0062b0beca2ac3cab8bdeb8db133c4d527cf2b5b1641e7313a911d77aca77787 | Triage

Submit
Reports

Overview

overview

Static

static

WheatEngine/Wheat.exe

windows7-x64

WheatEngine/Wheat.exe

windows10-2004-x64

Sharing

General

Target

WheatEngine.zip
Size

127KB
Sample

231111-jnrk6ade99
MD5

e6e09967547c68263304a145968261f2
SHA1

9bdd4723986987d50165739f74b5fbb53ecc5ab6
SHA256

0062b0beca2ac3cab8bdeb8db133c4d527cf2b5b1641e7313a911d77aca77787
SHA512

e08c38b505712e48ccda5f1fa7a479418046d4f79213877f5617b518279ab18fa0378d0968fd3a223ed54a9d9fd1f28f7ab3471fd1dd11d61d772f9be0877926
SSDEEP

3072:Eqc0KKUjEIATqpmZAhJFsPyNw4N30dzl61SWoJTkU:E5KUjEIV0Z9yNwa3gzM1SWoBkU

Score

10^/10

umbral stealer

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

WheatEngine/Wheat.exe

Resource

win7-20231025-en

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

WheatEngine/Wheat.exe

Resource

win10v2004-20231020-en

windows10-2004-x64

4 signatures

150 seconds

Malware Config

Extracted

Family

umbral

C2

https://canary.discord.com/api/webhooks/1172682479925211166/fNObiYsvVWaiyhDTsjUjsr6ocoSGjGvcdEU8FCCT5VkNtN8ANc1ue7Yhp_7qf8h4xaLR

Targets

- Target
  
  WheatEngine/Wheat.exe
- Size
  
  495KB
- MD5
  
  4e2a73bd98c17dd035e693d38d96b829
- SHA1
  
  be8facb176e8d0bfb14c42d969a6f37d53bd5dce
- SHA256
  
  5dcb951d3badbefb19c3e5af092f3b3561ad272ff75b41e1f84cd27dd88969dd
- SHA512
  
  4b4d1829fdac62f24b54871a3e09156ec17a3d943c1d3fa22bbf05d2f1523fee3ad3bae9afe9aa1ff0056e8cd19c0bfab2aa4c9471b24b3a5b454860b40f67a8
- SSDEEP
  
  6144:floZMDXU9Zx0kt8X0/PSCsMnVRaYe5xyDXKYZd8jNb8e1mziN:doZnf0kkPaVRaYe5xyDXKYZd85l
Score

10^/10

umbral stealer
- Detect Umbral payload
- Umbral
  Umbral stealer is an opensource moduler stealer written in C#.
  stealer umbral
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy