umbral | b02f3ef73077f0c54cff0e1d920e2013ea549c97daede6cae61c966d556fff9e | Triage

Submit
Reports

Overview

overview

Static

static

1

Havoc-ExecutorV2_.rar

windows11-21h2-x64

Sharing

General

Target

Havoc-ExecutorV2_.rar
Size

16.8MB
Sample

240221-29ywgaha34
MD5

9ff3dea2bad4a76bc65e98acf1234f0a
SHA1

49754b9f66989694c66a5a50f33426ffdb2cc3f5
SHA256

b02f3ef73077f0c54cff0e1d920e2013ea549c97daede6cae61c966d556fff9e
SHA512

94716419b6a60f2b0b2d454215d1f6bb827f88d8d412115837ed35b9135ff73abd1c3995710c4f52d2bb92db07b94803fee5857041a534d077e0c73bcf49415e
SSDEEP

393216:5C/zS+kIvNug+zU+29zreM2M4ZFKV0o24pGO23dVC8:Y/3kIluV7QvF8ZW0o2FtL

Score

10^/10

umbral stealer

Static task

static1

Behavioral task

behavioral1

Sample

Havoc-ExecutorV2_.rar

Resource

win11-20240221-en

windows11-21h2-x64

8 signatures

300 seconds

Malware Config

Extracted

Family

umbral

C2

https://discord.com/api/webhooks/1202713966892154880/hKt1959RM0bV5-3CpJAwh821Kr6T7h9g1Q2lLB0g86ovim2izdHbNw9y6LtQFK8C5Zhm

Targets

- Target
  
  Havoc-ExecutorV2_.rar
- Size
  
  16.8MB
- MD5
  
  9ff3dea2bad4a76bc65e98acf1234f0a
- SHA1
  
  49754b9f66989694c66a5a50f33426ffdb2cc3f5
- SHA256
  
  b02f3ef73077f0c54cff0e1d920e2013ea549c97daede6cae61c966d556fff9e
- SHA512
  
  94716419b6a60f2b0b2d454215d1f6bb827f88d8d412115837ed35b9135ff73abd1c3995710c4f52d2bb92db07b94803fee5857041a534d077e0c73bcf49415e
- SSDEEP
  
  393216:5C/zS+kIvNug+zU+29zreM2M4ZFKV0o24pGO23dVC8:Y/3kIluV7QvF8ZW0o2FtL
Score

10^/10

umbral stealer
- Detect Umbral payload
- Umbral
  Umbral stealer is an opensource moduler stealer written in C#.
  stealer umbral
- Executes dropped EXE
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

© 2018-2025

Terms | Privacy