umbral | 482c7fa477b50ba1f6f6254060c2e472a23c3c18da7f1bab3f19691fc3dca563 | Triage

Sharing

General

Target

Netflix_Checker_50K__CPM.rar
Size

8.2MB
Sample

240227-x69fkshf6s
MD5

1e13454bdfc4f54a02339c99279b6b2e
SHA1

8d025bb5e2990aa898d1ce299e68b2ca86ec74b0
SHA256

482c7fa477b50ba1f6f6254060c2e472a23c3c18da7f1bab3f19691fc3dca563
SHA512

c6f2bfc11e0712d6333ac8034555df7d42342bb1a7ffd9d6728fe73cd7a4a5f1636b14231630eee01b280f85b7f01d64852b3f71d68c056d28829b6322062159
SSDEEP

196608:+0hW8xil8grmCHD7J0FzEuPoBsPVSN6ql:+0887gRnJ8zEoo2PV06ql

Score

10^/10

umbral stealer

Malware Config

Extracted

Family

umbral

C2

https://discord.com/api/webhooks/1153056107867164752/tRuN1HzDWrxnDeJOXWa-NtAfRVdka8UNdyoIo4-qrYXI_C1XFMggkrLEFyTkoagsN9jt

Targets

- Target
  
  Netflix_Checker_50K__CPM.rar
- Size
  
  8.2MB
- MD5
  
  1e13454bdfc4f54a02339c99279b6b2e
- SHA1
  
  8d025bb5e2990aa898d1ce299e68b2ca86ec74b0
- SHA256
  
  482c7fa477b50ba1f6f6254060c2e472a23c3c18da7f1bab3f19691fc3dca563
- SHA512
  
  c6f2bfc11e0712d6333ac8034555df7d42342bb1a7ffd9d6728fe73cd7a4a5f1636b14231630eee01b280f85b7f01d64852b3f71d68c056d28829b6322062159
- SSDEEP
  
  196608:+0hW8xil8grmCHD7J0FzEuPoBsPVSN6ql:+0887gRnJ8zEoo2PV06ql
Score

10^/10

umbral stealer
- Detect Umbral payload
- Umbral
  Umbral stealer is an opensource moduler stealer written in C#.
  stealer umbral
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
behavioral1 behavioral2
- Target
  
  pass 1122.txt
- Size
  
  9B
- MD5
  
  50da9795513edb709f05cc3dd45bb875
- SHA1
  
  28b8ffc4bffa76f728391d21e72d73de359b706b
- SHA256
  
  80aad06e823c524b80b779f2ad1722508460609de79319ec1e8f87a72fd2085c
- SHA512
  
  6d4ddfd185f093a91e93c878283cffc3b1603d43dad57b896af03b4025f42ebcaa908b02070051e275073416076c518c4f562b589da8ca8c45747b003f73942e
Score

3^/10
behavioral3 behavioral4

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4