umbral

Resubmissions

01-02-2025 15:10

250201-skb6qsxmey 10

01-02-2025 15:07

250201-shlmdszjdk 3

Sharing

Copy URL

Twitter E-mail

General

Target

visa chker (2).exe
Size

352KB
Sample

250201-skb6qsxmey
MD5

16f434baf75d91420e232e8ba8ca1b2a
SHA1

050485704f51dc24b8c36da438ef9af6cc8b8ea5
SHA256

aa37a91d02342e352c232f16f028fee2148794db8306d71888949c18e194f4e0
SHA512

d1ba40fe0a243653aeb765720aae32d1e5b6926f60ec2818723cc38edfd0be16c9c44c8c9e1e4aa6dd695d30d3b704d33010d2c40a7266f912590441d86c9e32
SSDEEP

6144:cdRVzSkGTxSLD8uq5CaOPs47bhqUdh8SfkSE6GoE6Jrtqaw9/0G5:chqxSLo5C1Ps4Xhf8S8SRdvqawp0G5

Score

10^/10

Malware Config

Extracted

Family

umbral

https://discord.com/api/webhooks/1335250212557553664/Oms0E9sA-BluxlQ8a6nVRKSu9r0-8RrnXNd784nPqqAqA4oT0r-8bktBBJO1h9UNPvm-

Targets

- Target
  
  visa chker (2).exe
- Size
  
  352KB
- MD5
  
  16f434baf75d91420e232e8ba8ca1b2a
- SHA1
  
  050485704f51dc24b8c36da438ef9af6cc8b8ea5
- SHA256
  
  aa37a91d02342e352c232f16f028fee2148794db8306d71888949c18e194f4e0
- SHA512
  
  d1ba40fe0a243653aeb765720aae32d1e5b6926f60ec2818723cc38edfd0be16c9c44c8c9e1e4aa6dd695d30d3b704d33010d2c40a7266f912590441d86c9e32
- SSDEEP
  
  6144:cdRVzSkGTxSLD8uq5CaOPs47bhqUdh8SfkSE6GoE6Jrtqaw9/0G5:chqxSLo5C1Ps4Xhf8S8SRdvqawp0G5
Score

10^/10

umbral discovery stealer
- Detect Umbral payload
- Umbral
  Umbral stealer is an opensource moduler stealer written in C#.
  stealer umbral
- Umbral family
  umbral
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Resubmissions

Sharing

General

Malware Config

Extracted

Targets

Detect Umbral payload

Umbral family

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2