umbral

General

Target

Flameware Private.exe
Size

230KB
Sample

240316-3rsgeahb93
MD5

abc025caa58fe6ecb84365b64d4ed757
SHA1

b3113843f2267767c19386553405154ec7a71f85
SHA256

5df04b74201455ad96f742657340d53387fe4d3642321f8d1f9bd76805d77570
SHA512

2fe0131b442753d19ffe9443f20ece0bad4de6199a0b178f56eda4b97f71d635fdc493664c661dcfdb0fd29f30f834ae4e692411435ef5fd706fd4e915694492
SSDEEP

6144:+loZM+rIkd8g+EtXHkv/iD4WEWFn9GfUL1gevPeywb8e1mhi:ooZtL+EP8WEWFn9GfUL1gevPeXj

Score

10^/10

umbral stealer

Malware Config

Extracted

Family

umbral

C2

https://discord.com/api/webhooks/1217610167663722609/NB-eNWsxtNNHgliag5tJotM2zTBDtCZpdOO7U0kN2MIZj9ueRRdK-56IQssAjUJcFf5H

Targets

- Target
  
  Flameware Private.exe
- Size
  
  230KB
- MD5
  
  abc025caa58fe6ecb84365b64d4ed757
- SHA1
  
  b3113843f2267767c19386553405154ec7a71f85
- SHA256
  
  5df04b74201455ad96f742657340d53387fe4d3642321f8d1f9bd76805d77570
- SHA512
  
  2fe0131b442753d19ffe9443f20ece0bad4de6199a0b178f56eda4b97f71d635fdc493664c661dcfdb0fd29f30f834ae4e692411435ef5fd706fd4e915694492
- SSDEEP
  
  6144:+loZM+rIkd8g+EtXHkv/iD4WEWFn9GfUL1gevPeywb8e1mhi:ooZtL+EP8WEWFn9GfUL1gevPeXj
Score

10^/10

umbral stealer
- Detect Umbral payload
- Umbral
  Umbral stealer is an opensource moduler stealer written in C#.
  stealer umbral
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

1

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Detect Umbral payload

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2