umbral | f1c13bee5af7786c246f5ed4a6acf6e942bd806129a441cd881651967deddd73 | Triage

Submit
Reports

Overview

overview

Static

static

FortniteDMA.exe

windows11-21h2-x64

Sharing

General

Target

FortniteDMA.exe
Size

234KB
Sample

250207-epz7gazldq
MD5

31563902affc8c9469b7e58e57b6dc61
SHA1

db5c1063da3b189121602b44b8d40b2a19cf36ce
SHA256

f1c13bee5af7786c246f5ed4a6acf6e942bd806129a441cd881651967deddd73
SHA512

73940f040c2fdeca033640388a149dbfb82d1d053b1b3c3c5c3633c063e52a6e020af0f2f696473273095ab19ac0466840bd43b75f6952296bb227221f47a376
SSDEEP

6144:HloZM3fsXtioRkts/cnnK6cMljEdU1DA0rYSjVg8Zw4b8e1m1TjiU+:FoZ1tlRk83MljEdU1DA0rYSjVg8ZFUTq

Score

10^/10

umbral stealer

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

FortniteDMA.exe

Resource

win11-20241007-en

windows11-21h2-x64

6 signatures

150 seconds

Malware Config

Extracted

Family

umbral

C2

https://discordapp.com/api/webhooks/1337272004390289541/0CcVnR3Axwt50zVOxFoeSmJu9veWYP4GEUypnUFd_l0ogBD8G6nzXRBxmdG8zDwyH4xQ

Targets

- Target
  
  FortniteDMA.exe
- Size
  
  234KB
- MD5
  
  31563902affc8c9469b7e58e57b6dc61
- SHA1
  
  db5c1063da3b189121602b44b8d40b2a19cf36ce
- SHA256
  
  f1c13bee5af7786c246f5ed4a6acf6e942bd806129a441cd881651967deddd73
- SHA512
  
  73940f040c2fdeca033640388a149dbfb82d1d053b1b3c3c5c3633c063e52a6e020af0f2f696473273095ab19ac0466840bd43b75f6952296bb227221f47a376
- SSDEEP
  
  6144:HloZM3fsXtioRkts/cnnK6cMljEdU1DA0rYSjVg8Zw4b8e1m1TjiU+:FoZ1tlRk83MljEdU1DA0rYSjVg8ZFUTq
Score

10^/10

umbral stealer
- Detect Umbral payload
- Umbral
  Umbral stealer is an opensource moduler stealer written in C#.
  stealer umbral
- Umbral family
  umbral
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
behavioral1

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

© 2018-2025

Terms | Privacy