General

  • Target

    Solara.rar

  • Size

    107KB

  • Sample

    241108-qs46datbqq

  • MD5

    7e5ede9df260084d69b60071a1a1c9a5

  • SHA1

    0fc130884d63b2c0a6d3008304b586733ca1b1d8

  • SHA256

    5b60b4da07e1f183af246b3ddd85bf12be3bcf0b0d1005d110daa7fdc8ea125e

  • SHA512

    1c7660f9f81a35d0cf20f31e10c944ab2d698bba9e2aebd6fcfe9b330d5eaaac337acd64063ef9146a32dba384fae534170fbeebb03f9cb2b343c4cc2acb0773

  • SSDEEP

    3072:RKbiD7af1EgBobkyufH7ol7e+1+A3lwFI34:RwiSf19D187f8A3SFI34

Score
10/10

Malware Config

Extracted

Family

umbral

C2

https://discord.com/api/webhooks/1303346382320566364/NKw3SHRn53oFiPfzBhnGkM5DJDPNYfTopbE2xqInlxxGUx2Xeo3MNSDPrwfoElJVpQzF

Targets

    • Target

      Solara/Solara Installer.exe

    • Size

      328KB

    • MD5

      4f7415acf4f5a898dd0ea6e7924137e2

    • SHA1

      13f5917af6bbf1f1f98633ac18532d8a43c2d92e

    • SHA256

      c182f999bccd715dd8dfd60b2c212ceaec08bad843ee95ecef3abf6230b7a447

    • SHA512

      eb903b09428f8ef8ba349a507a73627875096a4952ed768c640752b6bf1019a0ea1ca88246928055ba8591666de4dbfbf58bab65fc12e7544d013e13e838feb9

    • SSDEEP

      6144:iloZM+rIkd8g+EtXHkv/iD4CzaYSx6PTg8e1mHisxBt25:soZtL+EP8CzaYSj9sxBt

    Score
    10/10
    • Detect Umbral payload

    • Umbral

      Umbral stealer is an open-source modular stealer written in C#.

    • Umbral family

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

MITRE ATT&CK Matrix

Tasks