General

  • Target: Copped.exe

  • Size: 434KB

  • Sample: 240613-zagrsstcrj

  • MD5: 61eb747d9aca2e32df170bfe5cd278ed

  • SHA1: e7086ca9616727f0d612c12e5e19200f98b35b26

  • SHA256: 2902b2d11793853c4ca9a23168b421afed4aacf0f345cc7ba955b2ae9cd61605

  • SHA512: 6ea3dffbfb9071c506affd7b1c6f4cc3d6c911775b4df31adb8f25c75d99f536c67fcdddf4d107d1f6e969d6155fef738015d756ed8b936ca7f354ba554a8952

  • SSDEEP: 12288:xoZZL+EP8MzMQQWRJ6TvSgR1ExP42u9ODA53:zI86MQQWRJ6TvSgR1Ext

Malware Config

Extracted

  • Family: umbral

  • C2: https://discord.com/api/webhooks/1250906915148660757/n5kTt2muM1UsIJ3KdGNFsQoNfCd6iKdJbNs1XwVdH3VTtaQoX95hDgA6iAiDVU0OKiKV

Targets

    • Detect Umbral payload

    • Umbral: Umbral stealer is an open-source modular stealer written in C#.

MITRE ATT&CK Enterprise v15

Tasks