General

  • Target

    https://download.oxy.st/d/wXOh/2/b18d9bd17d358652a7abc06ed4c4f63f

  • Sample

    240428-24magsbg61

Score
10/10

Malware Config

Extracted

Family

umbral

C2

https://discord.com/api/webhooks/1234227911570231390/0z3FMS1OCOm4Dimw1zroCZEdttv5BdfkYDJmjaCIZnKZ5CxWh2wDpajd40DrN9mMEQHM

Targets

    • Target

      https://download.oxy.st/d/wXOh/2/b18d9bd17d358652a7abc06ed4c4f63f

    Score
    10/10
    • Detect Umbral payload

    • Umbral

      Umbral stealer is an open-source, modular stealer written in C#.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

MITRE ATT&CK Enterprise v15

Tasks