General

  • Target

    idk2.exe

  • Size

    235KB

  • Sample

    240212-cfkdjsgh87

  • MD5

    de1f5092e62d04690fb1d954f8540116

  • SHA1

    959c0ee9355335d66fa5939dda6d452be32a8a06

  • SHA256

    f36f29328d18f9d764b1a9e1e278750d21164ae1c1a25307d018a8e4e17c7c08

  • SHA512

    2f438cffea72ebb9b089bfba476f4606a92667c154b31c2a6c4153a5ea4aa61620571a4db36a7ed5dffd71cd6edc9250157238b0e8b3a5a53fd27952dd3c2fa6

  • SSDEEP

    6144:qbjntB9rSX4wXTAOU5Mj1af2FUD8bTc5Niydt8k1Mwce6yoN:qbjn1WowBTbTcLFHd1Mwz6t

Score
10/10

Malware Config

Extracted

Family

umbral

C2

https://discord.com/api/webhooks/1204944287041847307/aoa_S28cr8V4g11xswAZC9SdvRJS8ygczDK-GfItmMFXCcL2edroJI5lraSE-OISlf6d

Targets

    • Detect Umbral payload

    • Umbral

      Umbral stealer is an open-source modular stealer written in C#.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

MITRE ATT&CK Enterprise v15

Tasks