General

  • Target

    TOOLSNXCLXN.rar

  • Size

    75KB

  • Sample

    240506-xd3sbsea91

  • MD5

    778a012a322ef022737614cd88f1dd0d

  • SHA1

    fbb02cdbbb5c4ad16ed3fed11c7cb6138886935a

  • SHA256

    f94153cfeb4b7fa38c103aaf84d6d1deecb194291b974526a504ffbc2ce282b6

  • SHA512

    45a33e6b5cbea376883d4106707e8b51b7bf84bf2c7bbfb472383ac742f9a10f10041d3b7451fef8cabfdca9f0b25747097994d5285e12359f968ef69f46d7b4

  • SSDEEP

    1536:Ls/risPJt3idxIbbDoG3/bhY1GN10kxmRTes4rF7UH3t9zc1t:gpPfyd8+1GNqkxmRf4B7Ud9zs

Score
10/10

Malware Config

Extracted

Family

umbral

C2

https://discord.com/api/webhooks/1234683527757430874/biedJYdyCmt_WYbiwNuuaBRfXrktJzoSlJ2mgMw1oEF8LquTN45hRsh87zlXKAnoRDFu

Targets

    • Target

      TOOLSNXCLXN.exe

    • Size

      229KB

    • MD5

      8628b9dd8871af6a292f3a6e08386eaf

    • SHA1

      54424a37b205150d43b419eafb3d7bcb3dbf0f29

    • SHA256

      1040523f9dac2fb0ff0b30e5996aea8a5c326e685bc3633e5ea14f443aba7919

    • SHA512

      cc4633141e35c707d56299e161ec1de13adc8a42c4f6ef874e4b9a7b5f44e543113f58b3f19610bef227676bc00e4ad643e4cdf6e2a6f2f2f4323c65fec805d2

    • SSDEEP

      6144:2loZMafOe1FzxtE8WdhQ3cbbxM8KDXqBVa07nIrvTuuupJ8eFJL4w:AoZnvzx3MbVM8KDXqBVa07nIrAJX

    Score
    10/10
    • Detect Umbral payload

    • Umbral

      Umbral Stealer is an open-source, modular stealer written in C#. For this sample, exfiltration goes to the Discord webhook listed under C2 above, so that URL is the actionable indicator: the trailing token is the credential that authorizes posting to the webhook, so handle it as a secret rather than as an ordinary string.
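
      The report states the extracted C2 is a Discord webhook and that Umbral is written in C#. The following is an added example (not code from the sandbox, from Umbral, or from this report) showing how an analyst would pull such a webhook out of a dumped binary and turn it into a triage-ready IOC: because .NET string literals are stored as UTF-16LE, the scan decodes the blob as single-byte text and as UTF-16LE at both byte alignments; the webhook ID is a Discord snowflake, so its creation time is recovered from the top 42 bits; and the token is masked before the IOC is shared. The regex, field names, `SAMPLE_BLOB` and the odd-offset layout are constructed for the example; only the webhook URL comes from the report.

```python
"""Extract Discord webhook C2 URLs from a sample and turn them into triage-ready IOCs.

Added example for this report; not code from the sandbox or from Umbral itself.
"""
import re
from datetime import datetime, timedelta, timezone
from typing import Dict, List

# Discord snowflake IDs carry milliseconds since 2015-01-01T00:00:00Z in their top 42 bits,
# so the webhook ID alone tells you when the attacker created the webhook.
DISCORD_EPOCH_MS = 1_420_070_400_000

# Webhook URL shape: /api/webhooks/<17-20 digit snowflake>/<base64url-style token>.
# The token is the secret that authorises posting; treat it as a credential.
WEBHOOK_RE = re.compile(
    r"https://(?:(?:ptb|canary)\.)?discord(?:app)?\.com/api/webhooks/"
    r"(\d{17,20})/([A-Za-z0-9_-]{60,90})"
)


def snowflake_to_datetime(snowflake: int) -> datetime:
    """Decode the creation time embedded in a Discord snowflake (UTC)."""
    ms = (snowflake >> 22) + DISCORD_EPOCH_MS
    return datetime(1970, 1, 1, tzinfo=timezone.utc) + timedelta(milliseconds=ms)


def redact_webhook(url: str, token: str) -> str:
    """Keep the webhook ID (safe to share) but mask the token (the credential)."""
    return url.replace(token, token[:6] + "[REDACTED]")


def extract_webhooks(blob: bytes) -> List[Dict[str, str]]:
    """Find every distinct Discord webhook in a binary blob.

    Umbral is a C# (.NET) stealer, and .NET string literals are stored as UTF-16LE,
    so a plain ASCII strings pass misses the URL. Decode the blob three ways: as
    single-byte text, and as UTF-16LE at both possible byte alignments.
    """
    views = [
        blob.decode("latin-1"),
        blob.decode("utf-16-le", errors="ignore"),
        blob[1:].decode("utf-16-le", errors="ignore"),
    ]
    found: Dict[str, Dict[str, str]] = {}
    for text in views:
        for m in WEBHOOK_RE.finditer(text):
            wid, token = m.group(1), m.group(2)
            if wid in found:  # same webhook already seen in another encoding
                continue
            found[wid] = {
                "url": m.group(0),
                "webhook_id": wid,
                "token": token,
                "created_utc": snowflake_to_datetime(int(wid)).strftime("%Y-%m-%dT%H:%M:%SZ"),
                "redacted": redact_webhook(m.group(0), token),
            }
    return list(found.values())


# The C2 URL reported for this sample.
WEBHOOK_URL = (
    "https://discord.com/api/webhooks/1234683527757430874/"
    "biedJYdyCmt_WYbiwNuuaBRfXrktJzoSlJ2mgMw1oEF8LquTN45hRsh87zlXKAnoRDFu"
)

# Constructed stand-in for a dumped binary (not the real TOOLSNXCLXN.exe): a fake header,
# the URL once as ASCII, then once as UTF-16LE starting at an odd byte offset (131),
# which is exactly the case the blob[1:] view exists for.
SAMPLE_BLOB = (
    b"MZ\x90\x00" + b"\x00" * 4
    + WEBHOOK_URL.encode("ascii") + b"\x00"
    + b"\xef"
    + WEBHOOK_URL.encode("utf-16-le") + b"\x00\x00"
)

if __name__ == "__main__":
    for hit in extract_webhooks(SAMPLE_BLOB):
        print(hit["webhook_id"], hit["created_utc"], hit["redacted"])
```

      Running the block against `SAMPLE_BLOB` yields a single webhook (the ASCII and UTF-16LE copies are deduplicated by ID) with a creation timestamp a few days before the sample date in this report, which is typical for freshly provisioned exfiltration infrastructure. The redacted form is what belongs in a shared IOC list; the full URL belongs in a takedown request.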

MITRE ATT&CK Matrix

Tasks