umbral | d1c9cf26181befbb8e3c53ea3b2aac37afd12d06ff9e53d42438c67a79b134c4 | Triage

Submit
Reports

Overview

overview

Static

static

1

SolaraFixer.7z

windows11-21h2-x64

Sharing

General

Target

SolaraFixer.rar
Size

70KB
Sample

241026-mtpkja1lap
MD5

b77e6245add9f2cb38fb2bf2a310e83c
SHA1

223c9b6e76776310a1e74e398060342263eb46ea
SHA256

d1c9cf26181befbb8e3c53ea3b2aac37afd12d06ff9e53d42438c67a79b134c4
SHA512

2e9d6545f06ef6014f6f640db3fb9bbd5d698afdec45399774fe0cd8410bd51f60961c0b04b1393975d3e08fa62de1ba2bf3de226b9724dce27dc1418b88877d
SSDEEP

1536:uRChivU97J63OL+V+8GFJj+ODdCxI1Tu7HU7rXYvePzYQ:uIis97IESHKyI1TsHUNbYQ

Score

10^/10

umbral stealer

Static task

static1

Behavioral task

behavioral1

Sample

SolaraFixer.7z

Resource

win11-20241007-en

windows11-21h2-x64

10 signatures

150 seconds

Malware Config

Extracted

Family

umbral

C2

https://discord.com/api/webhooks/1299461719801991309/vrYuMDjs_n5vFmzGOfz4kp_hTyDr2VE1-rjZ8OaF0rcFRYvfnqe3C0qr56jzGH43IeT7

Targets

- Target
  
  SolaraFixer.rar
- Size
  
  70KB
- MD5
  
  b77e6245add9f2cb38fb2bf2a310e83c
- SHA1
  
  223c9b6e76776310a1e74e398060342263eb46ea
- SHA256
  
  d1c9cf26181befbb8e3c53ea3b2aac37afd12d06ff9e53d42438c67a79b134c4
- SHA512
  
  2e9d6545f06ef6014f6f640db3fb9bbd5d698afdec45399774fe0cd8410bd51f60961c0b04b1393975d3e08fa62de1ba2bf3de226b9724dce27dc1418b88877d
- SSDEEP
  
  1536:uRChivU97J63OL+V+8GFJj+ODdCxI1Tu7HU7rXYvePzYQ:uIis97IESHKyI1TsHUNbYQ
Score

10^/10

umbral stealer
- Detect Umbral payload
- Umbral
  Umbral stealer is an opensource moduler stealer written in C#.
  stealer umbral
- Umbral family
  umbral
- Executes dropped EXE
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
behavioral1

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

© 2018-2024

Terms | Privacy