umbral | b49e4e472506a6be8c7b61601a5dddadf2e21bd01c04160395a349ee06910031 | Triage

Submit
Reports

Overview

overview

Static

static

fun_dog.exe

windows7-x64

fun_dog.exe

windows10-2004-x64

Sharing

General

Target

fun_dog.exe
Size

234KB
Sample

241104-zs6hwazlhn
MD5

7482f1ce2a78a763ab636f7052e12d82
SHA1

7577b69eb0d10a8d2271f323dffd7cb76f0ab393
SHA256

b49e4e472506a6be8c7b61601a5dddadf2e21bd01c04160395a349ee06910031
SHA512

02c7eb377ae7eb2b27703ce79ee3f2f55ad7f15989a1d59ba0dda2098a8cc7a8994e6907ee117f60d2c2576f0ae6e158cc4598305fac434103e24113993a950d
SSDEEP

6144:zloZMLrIkd8g+EtXHkv/iD4qF7AclTwk73iTlwsJnfb8e1mZi:xoZ0L+EP887AclTwk73iTlwsJ7v

Score

10^/10

umbral stealer

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

fun_dog.exe

Resource

win7-20241010-en

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

fun_dog.exe

Resource

win10v2004-20241007-en

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Extracted

Family

umbral

C2

https://discord.com/api/webhooks/1303101008255385690/WXsPsGJC1Arqncir6Bie5yA6WuLstQqj9Q6DnkFGedAeXleQDYotOEcPLXMjebR_-jV_

Targets

- Target
  
  fun_dog.exe
- Size
  
  234KB
- MD5
  
  7482f1ce2a78a763ab636f7052e12d82
- SHA1
  
  7577b69eb0d10a8d2271f323dffd7cb76f0ab393
- SHA256
  
  b49e4e472506a6be8c7b61601a5dddadf2e21bd01c04160395a349ee06910031
- SHA512
  
  02c7eb377ae7eb2b27703ce79ee3f2f55ad7f15989a1d59ba0dda2098a8cc7a8994e6907ee117f60d2c2576f0ae6e158cc4598305fac434103e24113993a950d
- SSDEEP
  
  6144:zloZMLrIkd8g+EtXHkv/iD4qF7AclTwk73iTlwsJnfb8e1mZi:xoZ0L+EP887AclTwk73iTlwsJ7v
Score

10^/10

umbral stealer
- Detect Umbral payload
- Umbral
  Umbral stealer is an opensource moduler stealer written in C#.
  stealer umbral
- Umbral family
  umbral
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy