umbral | dd0f083b53019355be2e48e58bbe0c6fd98a180e2921f7709984d228cb6e467f | Triage

Submit
Reports

Overview

overview

Static

static

Huy.exe

windows10-2004-x64

Sharing

General

Target

Huy.bat
Size

230KB
Sample

241017-zbp5kaxgnp
MD5

107fbd66e307aec7540e2cd20a9bcb34
SHA1

3b9b1aaae9f92d76f3004797d61e00ab2e8827e7
SHA256

dd0f083b53019355be2e48e58bbe0c6fd98a180e2921f7709984d228cb6e467f
SHA512

754ad589254db37d7e4cc9d88edbeb7f65237932bd432e2d5f69bbe0eb194e4bec372db8e7b0dc5114498b02e8022261b6662a683961d7c391647dbaa0dcc2ae
SSDEEP

6144:1loZM+rIkd8g+EtXHkv/iD4wsTRdLocDXabtIExfG2b8e1mnn8i:XoZtL+EP8wsTRdLocDXabtIExBAV

Score

10^/10

umbral stealer

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

Huy.exe

Resource

win10v2004-20241007-en

windows10-2004-x64

5 signatures

150 seconds

Malware Config

Extracted

Family

umbral

C2

https://discord.com/api/webhooks/1296560289818480691/ulnfTZvQzO_rSsv2ax9-ULnnINXCyJz88OOjVQXiZ_dqa5trdVDnncFvpjubS3i_jPrx

Targets

- Target
  
  Huy.bat
- Size
  
  230KB
- MD5
  
  107fbd66e307aec7540e2cd20a9bcb34
- SHA1
  
  3b9b1aaae9f92d76f3004797d61e00ab2e8827e7
- SHA256
  
  dd0f083b53019355be2e48e58bbe0c6fd98a180e2921f7709984d228cb6e467f
- SHA512
  
  754ad589254db37d7e4cc9d88edbeb7f65237932bd432e2d5f69bbe0eb194e4bec372db8e7b0dc5114498b02e8022261b6662a683961d7c391647dbaa0dcc2ae
- SSDEEP
  
  6144:1loZM+rIkd8g+EtXHkv/iD4wsTRdLocDXabtIExfG2b8e1mnn8i:XoZtL+EP8wsTRdLocDXabtIExBAV
Score

10^/10

umbral stealer
- Detect Umbral payload
- Umbral
  Umbral stealer is an opensource moduler stealer written in C#.
  stealer umbral
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
behavioral1

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

© 2018-2024

Terms | Privacy