umbral | 16ab548b51418dc856d375ca306d50fe04ba25df2fb01fdf31057f6fd72f5348 | Triage

Submit
Reports

Overview

overview

Static

static

1

Havoc-Executor.rar

windows10-2004-x64

Sharing

General

Target

Havoc-Executor.rar
Size

16.8MB
Sample

240221-e93s4abf3y
MD5

f92596f16b2227ca7b19b8fcfc146763
SHA1

673eb42df68aec2de4558120785d4b45a7fcbe0f
SHA256

16ab548b51418dc856d375ca306d50fe04ba25df2fb01fdf31057f6fd72f5348
SHA512

668b9ddbdddccf6876ceb6e4294e0b360534ec5bee12881020e9842ee6e19d1f5554c4ca72a0a2335a71c9ab403891c5076c3f9a8ca5140d699eef5a530bee8e
SSDEEP

393216:msqRW0KzrmKC0eNSo38nS1AcYcr2B5u0hKjAXyjbBsK33w4SXjMj:msqLKOKC0eN5sS1Ac1iojAXZFjMj

Score

10^/10

umbral stealer

Static task

static1

Behavioral task

behavioral1

Sample

Havoc-Executor.rar

Resource

win10v2004-20231215-en

windows10-2004-x64

12 signatures

1800 seconds

Malware Config

Extracted

Family

umbral

C2

https://discord.com/api/webhooks/1202713966892154880/hKt1959RM0bV5-3CpJAwh821Kr6T7h9g1Q2lLB0g86ovim2izdHbNw9y6LtQFK8C5Zhm

Targets

- Target
  
  Havoc-Executor.rar
- Size
  
  16.8MB
- MD5
  
  f92596f16b2227ca7b19b8fcfc146763
- SHA1
  
  673eb42df68aec2de4558120785d4b45a7fcbe0f
- SHA256
  
  16ab548b51418dc856d375ca306d50fe04ba25df2fb01fdf31057f6fd72f5348
- SHA512
  
  668b9ddbdddccf6876ceb6e4294e0b360534ec5bee12881020e9842ee6e19d1f5554c4ca72a0a2335a71c9ab403891c5076c3f9a8ca5140d699eef5a530bee8e
- SSDEEP
  
  393216:msqRW0KzrmKC0eNSo38nS1AcYcr2B5u0hKjAXyjbBsK33w4SXjMj:msqLKOKC0eN5sS1Ac1iojAXZFjMj
Score

10^/10

umbral stealer
- Detect Umbral payload
- Umbral
  Umbral stealer is an opensource moduler stealer written in C#.
  stealer umbral
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

© 2018-2025

Terms | Privacy