Overview

overview

10

Static

static

10

aaa.exe

windows10-ltsc 2021-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    aaa.exe

  • Size

    229KB

  • Sample

    241112-yjjgbazdpg

  • MD5

    0b7b5b3a185a737bc8fde7fba7bb9e32

  • SHA1

    1031e26d6884fcc411a69332f897d9f2e1cb9bd8

  • SHA256

    54eafd742f090b4beb346283bf9568451918a7123573f24a5df5730fe14d356f

  • SHA512

    180678c18eb374fa69526baa48cc317bb55873f2380254c97ad97b6137f4e9dfb2214a26b04c2a3588068e979b8f2d142330b77ea5cba1a743e5450eeff3fa21

  • SSDEEP

    6144:9loZM+rIkd8g+EtXHkv/iD4kl0h+8D/0wVA+Pv+AEb8e1mGi:foZtL+EP8kl0h+8D/0wVA+Pv+dM

Score
10/10
umbralstealer

Malware Config

Extracted

Family

umbral

C2

https://discord.com/api/webhooks/1305952873032450102/VPf69xoHs0ieV9XCBGj1h-sk87KiOVBD2TpzbWxBVZhZ9ZRQ3nsD2hSajAXeX9GZC3oR

Targets

    • Target

      aaa.exe

    • Size

      229KB

    • MD5

      0b7b5b3a185a737bc8fde7fba7bb9e32

    • SHA1

      1031e26d6884fcc411a69332f897d9f2e1cb9bd8

    • SHA256

      54eafd742f090b4beb346283bf9568451918a7123573f24a5df5730fe14d356f

    • SHA512

      180678c18eb374fa69526baa48cc317bb55873f2380254c97ad97b6137f4e9dfb2214a26b04c2a3588068e979b8f2d142330b77ea5cba1a743e5450eeff3fa21

    • SSDEEP

      6144:9loZM+rIkd8g+EtXHkv/iD4kl0h+8D/0wVA+Pv+AEb8e1mGi:foZtL+EP8kl0h+8D/0wVA+Pv+dM

    Score
    10/10
    umbralstealer

    • Detect Umbral payload

    • Umbral

      Umbral stealer is an opensource moduler stealer written in C#.

      stealerumbral

    • Umbral family

      umbral

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    behavioral1

MITRE ATT&CK Enterprise v15

Tasks