umbral | a78dcf241ef32561d3ae030149169f37085ba754e7f148a21e8f22951b028a73 | Triage

Submit
Reports

Overview

overview

Static

static

DominantEx...1).exe

windows11-21h2-x64

Sharing

General

Target

DominantExecutor (1).exe
Size

231KB
Sample

241027-phwwksybpl
MD5

16171d12f35e11115cedc4284f86958b
SHA1

e17c29c6b4b3f54f6d6cedf556f5b110b1965479
SHA256

a78dcf241ef32561d3ae030149169f37085ba754e7f148a21e8f22951b028a73
SHA512

975f5e6a099536f9f13720f85a41b519d730ef814409c6d45614bbaba6a5b06e0ee996d7a8dbf1c5b066b59bae2836ecf7a22bc303df7f0cb21f1c06e527735d
SSDEEP

6144:8loZM+rIkd8g+EtXHkv/iD40kijGELnsvd42X3WYx8b8e1muSi:aoZtL+EP80kijGELnsvd42X3WYitH

Score

10^/10

umbral stealer

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

DominantExecutor (1).exe

Resource

win11-20241007-en

windows11-21h2-x64

6 signatures

150 seconds

Malware Config

Extracted

Family

umbral

C2

https://discord.com/api/webhooks/1299370629824512111/FuPScG6DLCG9POPbj8bk8oTq5VoKOVqfisCJ07VmDVQfyM30RsO4HoLfncfkOe23qFov

Targets

- Target
  
  DominantExecutor (1).exe
- Size
  
  231KB
- MD5
  
  16171d12f35e11115cedc4284f86958b
- SHA1
  
  e17c29c6b4b3f54f6d6cedf556f5b110b1965479
- SHA256
  
  a78dcf241ef32561d3ae030149169f37085ba754e7f148a21e8f22951b028a73
- SHA512
  
  975f5e6a099536f9f13720f85a41b519d730ef814409c6d45614bbaba6a5b06e0ee996d7a8dbf1c5b066b59bae2836ecf7a22bc303df7f0cb21f1c06e527735d
- SSDEEP
  
  6144:8loZM+rIkd8g+EtXHkv/iD40kijGELnsvd42X3WYx8b8e1muSi:aoZtL+EP80kijGELnsvd42X3WYitH
Score

10^/10

umbral stealer
- Detect Umbral payload
- Umbral
  Umbral stealer is an opensource moduler stealer written in C#.
  stealer umbral
- Umbral family
  umbral
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
behavioral1

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

© 2018-2024

Terms | Privacy