umbral | fae90e57bc713e7767ee8c8ee9a7e7decfb9f92da733bcff2f9bf58660722114 | Triage

Sharing

General

Target

uex(1).zip
Size

17.0MB
Sample

231202-q699jsdc3z
MD5

ac45a2d422ecc58df471a50f322ff8b9
SHA1

1ab1ec7168c0cddad3682396ab17eed06ad24c3d
SHA256

fae90e57bc713e7767ee8c8ee9a7e7decfb9f92da733bcff2f9bf58660722114
SHA512

60cb0137435f5dcbb603bed99323da6dcaf48ef09f18d323875368e07629c7c3fbbb5c0688338d7e1d0a7f5ff500dd759212b2be32f6f8dec45cb77021b8bcd8
SSDEEP

393216:8KHt19Xcmx/NXgjX0rNoXp93vJz5w9zZkoQP/HfTsZQZg6m:8KNrXRx/qwrNE3vJ5ezZkHP/Yem

Score

10^/10

umbral pyinstaller stealer

Malware Config

Targets

- Target
  
  uex/setup.exe
- Size
  
  6.0MB
- MD5
  
  8489e54b239a4f9793269770a7612769
- SHA1
  
  fa78770f7a70ceabf64ca24abfe2f2ae1d79b042
- SHA256
  
  871f8e67dafbdacf262ee0d3fa723303de4f56af6de5410ef5ee76ecb0d38bd4
- SHA512
  
  b9c5727e8036d2109eff64c3f0536dd9e9d5b80b4d968334093b225bc33bc4d46fbf0f0f737b3ea040871a711d37d0d4355aec62fcee132535c4242428719f9d
- SSDEEP
  
  196608:zo3I4KJ9onJ5hrZEjyiU8AdZYJERurTKTQRB:BFJ9c5hlEbAdZYygrWsR
Score

10^/10

umbral stealer
- Detect Umbral payload
- Umbral
  Umbral stealer is an opensource moduler stealer written in C#.
  stealer umbral
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2
- Target
  
  uex/uex.exe
- Size
  
  12.0MB
- MD5
  
  e9f66568451a14003ec21c22d9cfce35
- SHA1
  
  b5c8156a89b54a146d645e917e93017078e993d4
- SHA256
  
  fac4a406209de8275865722de6805574e8be3e35e3ffa7d1c00e61fd62b413cd
- SHA512
  
  e7884875f9e86fbb3b1c5481fa1d3fbdf2ced0adbb30b541de9a44eedf6a27745c50209ef8999700539fc136d0f071046a693745c9d79dbbc65a0abf810df6a2
- SSDEEP
  
  196608:gJ3FBfF3hPXieIVTB9onJ5hrZERlyiU8AdZYJERS48RmU/ITvN8wZlsPvZBdcMch:OPfF3dgH9c5hlERJAdZYygtNITfZWG80
Score

7^/10
- Loads dropped DLL
behavioral3 behavioral4

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4