umbral | d3492c1347976ac6e6cef64371d97351ec97ad8bac67d14d4be42bff471dc064 | Triage

Submit
Reports

Overview

overview

Static

static

ZCCT.xlsx.exe

windows7-x64

ZCCT.xlsx.exe

windows10-2004-x64

Sharing

General

Target

ZCCT.xlsx.exe
Size

287KB
Sample

240125-gpypraabep
MD5

828ec9e9d1fd89c29c09523f4553cf5b
SHA1

c07d1c3695bde351f14cf610e6237877b02d5cec
SHA256

d3492c1347976ac6e6cef64371d97351ec97ad8bac67d14d4be42bff471dc064
SHA512

16d89e6c48e2d25598ad203a9b2810d514a72e0c5daf2aa9af45b556691161d427c73653158cd75b00698fb8dffde728fa643c1102b9f8fb181aa5f47120e1ee
SSDEEP

6144:oloZM+rIkd8g+EtXHkv/iD4bTdZ1P8e1mFRAi/:2oZtL+EP8bT9K

Score

10^/10

umbral stealer

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

ZCCT.xlsx.exe

Resource

win7-20231215-en

windows7-x64

4 signatures

60 seconds

Behavioral task

behavioral2

Sample

ZCCT.xlsx.exe

Resource

win10v2004-20231222-en

windows10-2004-x64

4 signatures

60 seconds

Malware Config

Extracted

Family

umbral

C2

https://discord.com/api/webhooks/1153056107867164752/tRuN1HzDWrxnDeJOXWa-NtAfRVdka8UNdyoIo4-qrYXI_C1XFMggkrLEFyTkoagsN9jt

Targets

- Target
  
  ZCCT.xlsx.exe
- Size
  
  287KB
- MD5
  
  828ec9e9d1fd89c29c09523f4553cf5b
- SHA1
  
  c07d1c3695bde351f14cf610e6237877b02d5cec
- SHA256
  
  d3492c1347976ac6e6cef64371d97351ec97ad8bac67d14d4be42bff471dc064
- SHA512
  
  16d89e6c48e2d25598ad203a9b2810d514a72e0c5daf2aa9af45b556691161d427c73653158cd75b00698fb8dffde728fa643c1102b9f8fb181aa5f47120e1ee
- SSDEEP
  
  6144:oloZM+rIkd8g+EtXHkv/iD4bTdZ1P8e1mFRAi/:2oZtL+EP8bT9K
Score

10^/10

umbral stealer
- Detect Umbral payload
- Umbral
  Umbral stealer is an opensource moduler stealer written in C#.
  stealer umbral
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy