umbral

General

Target

radmin.exe
Size

232KB
Sample

240201-cl9kmabadp
MD5

6b23b65c77bba099dde4dc05b1c13edf
SHA1

a741b264e94873f3ce18cec6aefc3250aa87b7ac
SHA256

a6c26b7a10e97636547172d24d97605eb3115d7df32fcc824501d3b483bd03f5
SHA512

179debf3b2e43cbc059d597ea3db8583d21f2fd44920329e04b452071bac6fcb513fe77bb2c1554e7f6508dcb3c4e1e0773f2e756d824cd1fbead5ac90b9759d
SSDEEP

6144:aloZMmrIkd8g+EtXHkv/iD4saBTbhS6FuAxDeebdTb8e1mJi:koZ1L+EP8saBTbhS6FuAxDeebtT

Score

10^/10

umbral stealer

Malware Config

Extracted

Family

umbral

C2

https://discord.com/api/webhooks/1187615835485904967/lpOV6uMIhD-oL8NDJEVNEcW1BDAhB8JAlxcynU7EAvAOQPdtvMveWdQ1qjwtGRxNo5md

Targets

- Target
  
  radmin.exe
- Size
  
  232KB
- MD5
  
  6b23b65c77bba099dde4dc05b1c13edf
- SHA1
  
  a741b264e94873f3ce18cec6aefc3250aa87b7ac
- SHA256
  
  a6c26b7a10e97636547172d24d97605eb3115d7df32fcc824501d3b483bd03f5
- SHA512
  
  179debf3b2e43cbc059d597ea3db8583d21f2fd44920329e04b452071bac6fcb513fe77bb2c1554e7f6508dcb3c4e1e0773f2e756d824cd1fbead5ac90b9759d
- SSDEEP
  
  6144:aloZMmrIkd8g+EtXHkv/iD4saBTbhS6FuAxDeebdTb8e1mJi:koZ1L+EP8saBTbhS6FuAxDeebtT
Score

10^/10

umbral stealer
- Detect Umbral payload
- Umbral
  Umbral stealer is an opensource moduler stealer written in C#.
  stealer umbral
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

1

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Detect Umbral payload

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2