umbral | 365f462f95da9ec8d143ca51af88aeb8c9037de86586650288804ae10cc99b27 | Triage

Submit
Reports

Overview

overview

Static

static

DominantExecutor.exe

windows11-21h2-x64

Sharing

General

Target

DominantExecutor.exe
Size

235KB
Sample

241027-pgwjesvncn
MD5

cd020f630a72c41f0cac05594e2531a8
SHA1

5b50eaf7e1a05898b7b83a6e7be6cb828006345a
SHA256

365f462f95da9ec8d143ca51af88aeb8c9037de86586650288804ae10cc99b27
SHA512

617876e1fd81f9e41c78cd2ea905bf6ff7b985dc123dba98a031c69172bf8ceb947a7d73495f2cecdbba6c1bb55354b72bcf1446158adcb8ddf045f456ba8174
SSDEEP

6144:rloZM+rIkd8g+EtXHkv/iD4uA4LbhS6F6AxDeeb9X0b8e1mMx7i:poZtL+EP8uA4LbhS6F6AxDeeb+7xW

Score

10^/10

umbral stealer

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

DominantExecutor.exe

Resource

win11-20241007-en

windows11-21h2-x64

6 signatures

150 seconds

Malware Config

Extracted

Family

umbral

C2

https://discord.com/api/webhooks/1299078252156948541/7550Q1tgxJx5anCYTTFh4CKPN6ooqp2koK--uLz8yz9w9dcKnvZLvK_HR2-Jc1EbaBtJ

Targets

- Target
  
  DominantExecutor.exe
- Size
  
  235KB
- MD5
  
  cd020f630a72c41f0cac05594e2531a8
- SHA1
  
  5b50eaf7e1a05898b7b83a6e7be6cb828006345a
- SHA256
  
  365f462f95da9ec8d143ca51af88aeb8c9037de86586650288804ae10cc99b27
- SHA512
  
  617876e1fd81f9e41c78cd2ea905bf6ff7b985dc123dba98a031c69172bf8ceb947a7d73495f2cecdbba6c1bb55354b72bcf1446158adcb8ddf045f456ba8174
- SSDEEP
  
  6144:rloZM+rIkd8g+EtXHkv/iD4uA4LbhS6F6AxDeeb9X0b8e1mMx7i:poZtL+EP8uA4LbhS6F6AxDeeb+7xW
Score

10^/10

umbral stealer
- Detect Umbral payload
- Umbral
  Umbral stealer is an opensource moduler stealer written in C#.
  stealer umbral
- Umbral family
  umbral
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
behavioral1

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

© 2018-2024

Terms | Privacy