umbral | d9f33d5d2633fbb0038ee965a140a7a26e2f28b10aee8b3ea0e729452128d19c | Triage

Submit
Reports

Overview

overview

Static

static

Umbral.exe

windows10-2004-x64

Resubmissions

11-02-2025 23:49

250211-3vgt3svlaq 10

11-02-2025 23:47

250211-3sx4aavkgq 10

Sharing

General

Target

Umbral.exe
Size

229KB
Sample

250211-3sx4aavkgq
MD5

fd99541be9d7e3690c02aacc9b25fb64
SHA1

d1031c9cfde65a08f2682727dab72fd0373bbaa7
SHA256

d9f33d5d2633fbb0038ee965a140a7a26e2f28b10aee8b3ea0e729452128d19c
SHA512

d2a8cb3d82874475ee955831e952834b4626ed0a0931f76ee38a910295aacb39e4e6da60598df1335e840685ece7d8394e3b64272f5172ceecd78d257b944245
SSDEEP

6144:9loZM+rIkd8g+EtXHkv/iD4DMw2KInDAPZMK7bCR9b8e1mogi:foZtL+EP8DMw2KInDAPZMK7bCnz5

Score

10^/10

umbral discovery stealer

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

Umbral.exe

Resource

win10v2004-20250207-en

umbral discovery stealer

windows10-2004-x64

9 signatures

900 seconds

Malware Config

Extracted

Family

umbral

C2

https://discord.com/api/webhooks/1337485250564980757/5ucioVDdLZeiOKAiVvRyQVz28mIMAAh9D8uK6EdmE-eaGxcfymXH_6ckaLJYiXpw2-oo

Targets

- Target
  
  Umbral.exe
- Size
  
  229KB
- MD5
  
  fd99541be9d7e3690c02aacc9b25fb64
- SHA1
  
  d1031c9cfde65a08f2682727dab72fd0373bbaa7
- SHA256
  
  d9f33d5d2633fbb0038ee965a140a7a26e2f28b10aee8b3ea0e729452128d19c
- SHA512
  
  d2a8cb3d82874475ee955831e952834b4626ed0a0931f76ee38a910295aacb39e4e6da60598df1335e840685ece7d8394e3b64272f5172ceecd78d257b944245
- SSDEEP
  
  6144:9loZM+rIkd8g+EtXHkv/iD4DMw2KInDAPZMK7bCR9b8e1mogi:foZtL+EP8DMw2KInDAPZMK7bCnz5
Score

10^/10

umbral discovery stealer
- Detect Umbral payload
- Umbral
  Umbral stealer is an opensource moduler stealer written in C#.
  stealer umbral
- Umbral family
  umbral
- Downloads MZ/PE file
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

System Network Configuration Discovery

Internet Connection Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

umbraldiscoverystealer

© 2018-2025

Terms | Privacy