umbral | c19c1b9db038d843ea040fdd1e0ef430258479b88da3db295d82ad5ede7d54fd | Triage

Submit
Reports

Overview

overview

Static

static

spoofer.exe

windows10-2004-x64

Sharing

General

Target

spoofer.exe
Size

227KB
Sample

240224-bpvefadf78
MD5

71fdaa3ec1242e7643807ade78ae0c8b
SHA1

307ddc6e4a768069e726fd4bb1c21d1a8a3dcc7e
SHA256

c19c1b9db038d843ea040fdd1e0ef430258479b88da3db295d82ad5ede7d54fd
SHA512

ab43150a6ba2caf3e81212a840e05a6b6b95762ed2ba8234411beeeaf564a5512cc46d25c3fedc154fbe259f3ad113539861cb98b91e1caaa2fd43863a34a877
SSDEEP

6144:eloZM+rIkd8g+EtXHkv/iD4SDD6hv0IHL2PxM4dCCb8e1m4i:IoZtL+EP8SDD6hv0IHL2PxM4d5G

Score

10^/10

umbral stealer

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

spoofer.exe

Resource

win10v2004-20240221-en

windows10-2004-x64

12 signatures

150 seconds

Malware Config

Extracted

Family

umbral

C2

https://discord.com/api/webhooks/1210733110031810621/r_rZtQEleKzMn7aZM0D--g5JiVRm4WDTbyFH3LcUJ4FO1AOmo9ETESvufAm_n5auQ799

Targets

- Target
  
  spoofer.exe
- Size
  
  227KB
- MD5
  
  71fdaa3ec1242e7643807ade78ae0c8b
- SHA1
  
  307ddc6e4a768069e726fd4bb1c21d1a8a3dcc7e
- SHA256
  
  c19c1b9db038d843ea040fdd1e0ef430258479b88da3db295d82ad5ede7d54fd
- SHA512
  
  ab43150a6ba2caf3e81212a840e05a6b6b95762ed2ba8234411beeeaf564a5512cc46d25c3fedc154fbe259f3ad113539861cb98b91e1caaa2fd43863a34a877
- SSDEEP
  
  6144:eloZM+rIkd8g+EtXHkv/iD4SDD6hv0IHL2PxM4dCCb8e1m4i:IoZtL+EP8SDD6hv0IHL2PxM4d5G
Score

10^/10

umbral stealer
- Detect Umbral payload
- Umbral
  Umbral stealer is an opensource moduler stealer written in C#.
  stealer umbral
- Legitimate hosting services abused for malware hosting/C2
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

© 2018-2025

Terms | Privacy