umbral | 01e0a6ee3525d712d3d56b708914bbe5910cc2cdc3970f82d4afbac413f6142e | Triage

Submit
Reports

Overview

overview

Static

static

3

WindowstDr...64.exe

windows10-ltsc 2021-x64

Sharing

General

Target

WindowstDriverAutoUpdater_X64.exe
Size

2.5MB
Sample

241030-jz1yzaxrdx
MD5

6f4f8578849ae9ac04f1038f12bc6ba5
SHA1

abac0aa5afca58e47d26139ebb3b50a64b62890c
SHA256

01e0a6ee3525d712d3d56b708914bbe5910cc2cdc3970f82d4afbac413f6142e
SHA512

9bc144713f3179cc3fbcf7531d54d77c714449b5dad1e7c9ab069a5fc14a38e360cc3c93b70018873c2da0221ddad6af3caebb8d1905e322a40d3c9693e1d25e
SSDEEP

49152:gdyk9hBIBRCpIfYU697Dmz9R6YZBbxPFii8QrPL4mgekYllV:gb9hBIBopzUsDcnBtFii8QT0mxlb

Score

10^/10

umbral discovery stealer

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

WindowstDriverAutoUpdater_X64.exe

Resource

win10ltsc2021-20241023-en

umbral discovery stealer

windows10-ltsc 2021-x64

11 signatures

60 seconds

Malware Config

Targets

- Target
  
  WindowstDriverAutoUpdater_X64.exe
- Size
  
  2.5MB
- MD5
  
  6f4f8578849ae9ac04f1038f12bc6ba5
- SHA1
  
  abac0aa5afca58e47d26139ebb3b50a64b62890c
- SHA256
  
  01e0a6ee3525d712d3d56b708914bbe5910cc2cdc3970f82d4afbac413f6142e
- SHA512
  
  9bc144713f3179cc3fbcf7531d54d77c714449b5dad1e7c9ab069a5fc14a38e360cc3c93b70018873c2da0221ddad6af3caebb8d1905e322a40d3c9693e1d25e
- SSDEEP
  
  49152:gdyk9hBIBRCpIfYU697Dmz9R6YZBbxPFii8QrPL4mgekYllV:gb9hBIBopzUsDcnBtFii8QT0mxlb
Score

10^/10

umbral discovery stealer
- Detect Umbral payload
- Umbral
  Umbral stealer is an opensource moduler stealer written in C#.
  stealer umbral
- Umbral family
  umbral
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

umbraldiscoverystealer

© 2018-2024

Terms | Privacy