Resubmissions

25-11-2023 12:15

231125-pe82qsae24 10

25-11-2023 12:14

231125-pedwlaad98 10

25-11-2023 11:56

231125-n316csba21 10

General

  • Target

    Zul Free.exe

  • Size

    230KB

  • Sample

    231125-pedwlaad98

  • MD5

    a47cffac2602038b4cfc070f8a05243a

  • SHA1

    4111453f445d10ef516e98a000cc84845658dabe

  • SHA256

    29456c78a229429c66b4ce8997c9bb6593ad9b4e8928e094eb25caf4a7ee0e40

  • SHA512

    e390d7c96e2b5b2cad52b80c276787cb37d7ca3a171868037c1f1ef9e58177baa9e07f8866e0a95560ee9e0af0a38ba218f9feeaf1f19d77915f9e5c08d4070d

  • SSDEEP

    6144:1loZM+rIkd8g+EtXHkv/iD4tT1FzQEbqCzFQMpxbztjFK8e1mOvi:XoZtL+EP8tT1FzQEbqCzFQMpVpjy0

Score
10/10

Malware Config

Extracted

Family

umbral

C2

https://discord.com/api/webhooks/1156026520003936297/W8Ijh4VOw1A0oT7l38oDF7pa28tJ_hrPwUPLuxpT7w0A6BeG4alvRN79hvJ6qO7NgoP5

Targets

    • Target

      Zul Free.exe

    • Size

      230KB


    Score
    10/10
    • Detect Umbral payload

    • Umbral

      Umbral stealer is an open-source modular stealer written in C#.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks
