umbral | 93223f738657509b016c39bb9d2c7728d698391afe35ce95fb775c32e2d11c3b | Triage

Submit
Reports

Overview

overview

Static

static

3

Neo_Perm.exe

windows11-21h2-x64

Sharing

General

Target

Neo_Perm.exe
Size

1.2MB
Sample

231229-bh26psbggr
MD5

d4041cc3e5034ae1ef88af893b2f5b15
SHA1

b4a5312e96d4618b067b2865ec75b88806162ccc
SHA256

93223f738657509b016c39bb9d2c7728d698391afe35ce95fb775c32e2d11c3b
SHA512

0b3eaa222ec8905bc3163eca5abef8ab1cd39d4c898f3e617dd1257c98f3c8fd533898cc5f91006416bd5a82c23db0ac3400a3f74beda34e2c54d9ba1b1605c7
SSDEEP

24576:5GKxdvVStCsVR+bkSe/oREP64Ng0o48I0zEMM:wKxdvcQsVRm/+j6DRFREMM

Score

10^/10

umbral stealer

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

Neo_Perm.exe

Resource

win11-20231215-en

windows11-21h2-x64

5 signatures

150 seconds

Malware Config

Extracted

Family

umbral

C2

https://discord.com/api/webhooks/1190042379600797716/_o3srVE7TGd9h-tXYsjqIoul_MAhdkguDLRahVco32Q3wx_y9SxlyFBxvxjJsCXHT46C

Targets

- Target
  
  Neo_Perm.exe
- Size
  
  1.2MB
- MD5
  
  d4041cc3e5034ae1ef88af893b2f5b15
- SHA1
  
  b4a5312e96d4618b067b2865ec75b88806162ccc
- SHA256
  
  93223f738657509b016c39bb9d2c7728d698391afe35ce95fb775c32e2d11c3b
- SHA512
  
  0b3eaa222ec8905bc3163eca5abef8ab1cd39d4c898f3e617dd1257c98f3c8fd533898cc5f91006416bd5a82c23db0ac3400a3f74beda34e2c54d9ba1b1605c7
- SSDEEP
  
  24576:5GKxdvVStCsVR+bkSe/oREP64Ng0o48I0zEMM:wKxdvcQsVRm/+j6DRFREMM
Score

10^/10

umbral stealer
- Detect Umbral payload
- Umbral
  Umbral stealer is an opensource moduler stealer written in C#.
  stealer umbral
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

© 2018-2025

Terms | Privacy