umbral | 8f4b22364fdf68f082032114054f826d4b63ecda665121ad7b29097689eab528

Sharing

Copy URL

Twitter E-mail

General

Target

VwMare.zip
Size

580KB
Sample

250216-x3x85swmep
MD5

16ff5fe8c1ceecf48cc728157a4d3c1e
SHA1

fa45a7f7c5fa7fd9a2967e31975a04f75f052e6f
SHA256

8f4b22364fdf68f082032114054f826d4b63ecda665121ad7b29097689eab528
SHA512

2ada10bedcfc0bace3652c29f80f983a77ca29ff89b522925b4b8706e75ddda0f08e97d36e23299acda01741f2783a0e0c1c9d55d48b1fa53a4ada4d456a8a75
SSDEEP

12288:57kncaBNW7ChUc1g8V1KKldak+54yuKQe/KLI96u8QYZ:57uca/iaUc1vrKKZ6zuKQeCbQYZ

Score

10^/10

umbral macos

Malware Config

Extracted

Family

umbral

https://discord.com/api/webhooks/1336637633069187123/cni2pZnSirmp_aAVBBgAbBaiReZ7XTYDEaJEpPe9h8Hx8ctQbPJs02I6SYHVBAJvEAnb

Targets

- Target
  
  VwMare/config/scripts/config.js
- Size
  
  981B
- MD5
  
  13cd51da19aabc0c7caa309b3b83eb20
- SHA1
  
  4a6291442fb8e5510a6d663fbbfdc2b7e665fe8f
- SHA256
  
  157332c4e2dbe4219a4387b6e2f83b333fbb23c2a3d5c08ce0041c1ca46d3e8f
- SHA512
  
  a4965af8f0f8c527b5d8aa2a75cad60b6e6f469ff36511368dbe4bed3da02379722ca94f399375529b1edcec69fd7e745a19bf0847390006c70a77c9240b9fdb
Score

1^/10
behavioral1
- Target
  
  VwMare/config/scripts/library/Minecraft.js
- Size
  
  6KB
- MD5
  
  59a16aa059d831dca2a30e8bccfa0ca2
- SHA1
  
  1fe6164efa567eda613127b8124d1caec2314c7c
- SHA256
  
  e23f740675f8e7f0478a9ac0caa338d51b036f7657dd86a1c1f0804f25e544a8
- SHA512
  
  2e30831aaa0db192b34a48e2d7e44f98dcc37c4c788adbe0349636fe3149fdb6cf367c30afd4d0e3a0d0555b292b0539e1261bd2e32d56113020ae74c112cade
- SSDEEP
  
  96:xmyd/pKXx7jnkiQPZ1pvwkTc1R0GUmJwR/DFexMdMADxzuR4UNZ/28AQ2:U7zNOOPmUudtzE28AN
Score

1^/10
behavioral2
- Target
  
  VwMare/config/scripts/library/classes/blockBuilder.js
- Size
  
  2KB
- MD5
  
  1c4f79699431af60afc3cbd89d1fd865
- SHA1
  
  9ec94c48f245d5d4a1f016d4f851622b09c675eb
- SHA256
  
  cdf14adb8446e2e282b990450adcdee660d48fcfd9f5d42da987031f7ac95491
- SHA512
  
  4ba42c89199ccaa3091cce49988fde00195e03a1aab200bbf4afc52cdd563cb9e4225e59ab89d0ff64fa09d9a8942036079240eb736978bf058c6dd47da6e604
Score

1^/10
behavioral3
- Target
  
  VwMare/config/scripts/library/classes/commandBuilder.js
- Size
  
  21KB
- MD5
  
  970a259834ac90a035e3334abb139d5b
- SHA1
  
  56ae1079a2f32f0cced6a42ff88fc1a1e568e04b
- SHA256
  
  7813fbf0bfed76d4fd2d5e9e0c17d210c6f76ae34efc90df6f0e04c6868b6a61
- SHA512
  
  0ed38ca6a21cdd09aaf86a8cce58f244c07bff7863608c9f9b0aa84eec781e34e55f0f2fa49b66ba36ad56f47b55c8be3bdb5721fb4baaa6849deb933640ffd5
- SSDEEP
  
  384:xkB4r7H0rfUmnrvX1QhQ5rW/WB7+pR2to9phJKe7z9Es:xkSmUmnTFNaWF+go9x37zOs
Score

1^/10
behavioral4
- Target
  
  VwMare/config/scripts/library/classes/databaseBuilder.js
- Size
  
  3KB
- MD5
  
  b0423d3dc1396f58c0b4b0b392fd246e
- SHA1
  
  6c134811730b9807691cd2760b0ab09ad6502f63
- SHA256
  
  02e97e9134402ee6174a6010d0cb6d13c9c2c6d9f9f8feb549b18588e54fbcff
- SHA512
  
  909e7a0adff8db1dcc4a953f0bb9783139c7ee07d034b62848a482ac3c05f878857a69e870019afa76590b42e1593d75a2110fb8827a46d4fc39c37ab08fff86
Score

1^/10
behavioral5
- Target
  
  VwMare/config/scripts/library/classes/eventEmitter.js
- Size
  
  4KB
- MD5
  
  4a3c79b280d46c9d23d8396a9d303c30
- SHA1
  
  62e20844b99365c2420aebfc3de883e75cd1bab9
- SHA256
  
  3d683a0d969974866d9f2b4d8b4ede940ef234533bfd01743f46740fd732fc69
- SHA512
  
  6b58f9733d6be879a93bdeccdd9396ea3ab1997a4fdf93d7915aaab59f970572e5689e974b520771c70fc0188e3a0c33b9e6ecd1eedff7b787f391b9aee9ced9
- SSDEEP
  
  48:MkRQAs/kXvgSkFjNIDgRxpUKt0hno1WbAKHqmIQ0C:fQAXfkjNIDoUKtI9bAKHqZQJ
Score

1^/10
behavioral6
- Target
  
  VwMare/config/scripts/library/classes/playerBuilder.js
- Size
  
  3KB
- MD5
  
  dbecf601e4c051f51b6e2ae1de7a7312
- SHA1
  
  81d151aa24c008aca2e28b3df3b844adda741281
- SHA256
  
  5f6c4bb3afc0e866e5de9aed115e481f156af940794fef2fb1a5f722c46e53b3
- SHA512
  
  7ec28be201e30e5b5868d80811f129d5cbdf2cac7702d8bbb770027a690c2f6f18917fd66ca09ba092759dccb57cf7d86341dc4800b2d22877558173ddf9d824
Score

1^/10
behavioral7
- Target
  
  VwMare/config/scripts/library/classes/serverBuilder.js
- Size
  
  2KB
- MD5
  
  07bc5cf7ace02cc87763c359d5bcfc69
- SHA1
  
  5b967a4178959672ba89aa9ecf06493396ee059f
- SHA256
  
  f56e13ab4cbd0fec610df6b8f251b883fa952e5d033745043b89a3e8259732d0
- SHA512
  
  3c05c90b17b0a7cf0255d6da221449b161d3cb79c7df66d8500be51912a18e03cdeebb35f6b61647c3035f689b27fc2bbf0736ccd71ab9955695cfe515d4297b
Score

1^/10
behavioral8
- Target
  
  VwMare/config/scripts/library/classes/structureBuilder.js
- Size
  
  11KB
- MD5
  
  9514f7178e1728477c624d8cfe566ece
- SHA1
  
  5622f3f2c8180399c10daea648800fe6f950ebf7
- SHA256
  
  495fe2b059767563a89aa00a3553319d32b5378cb8d9ea1d3d77fdd7fdb5d91d
- SHA512
  
  5bfbb8c3d3082b96f84969e00011b82542181f2b9b33afaedc217da871bf8fbae809c0130cea5130d14439fa189a41b282719b3246db54fcaa61538b89f219dc
- SSDEEP
  
  192:KjR7a52QTz2HpQDn4X+hmpmNiQm7Q1m1gZhmpmiUCQm7Q1m1etu20Xx:8gyHo4XempmYQm+mavmpmWQm+mogh
Score

1^/10
behavioral9
- Target
  
  VwMare/config/scripts/library/classes/uiFormBuilder.js
- Size
  
  9KB
- MD5
  
  dca6d36dcf9c68b1152923adcd416ef4
- SHA1
  
  4ced1d4bee81f4ff1358de2838c6d36fc9d8ab23
- SHA256
  
  fc771839c1c74ec039988896c6475b363239deb5e6122f412c702718f9554b88
- SHA512
  
  ab173312660f7731d28d081df4bd3fc62dd4fc1ad209da57fc5a065b9d1f4df3bae97f8237d74ed6e2b65fe1f09ca3c2717e2210f60ef17e5ef999f36c734d15
- SSDEEP
  
  192:AbN3QdCoORoTO/BICN2a2hWqrCU3g/z7pWVQhcFjWwDcgS1Aa:RdCooRpIb3CaVBFCwQg+
Score

1^/10
behavioral10
- Target
  
  VwMare/config/scripts/library/configurations.js
- Size
  
  208B
- MD5
  
  56d95d8f368b0a070d407b9e71b85920
- SHA1
  
  996ad4c2d4a603b270fe35f6574b727d99fd68e6
- SHA256
  
  863e9d3506adfcd2fd98dce680e37717bc669044112d8f3d3fbe72e12d512360
- SHA512
  
  0c254e1b700d6b5cf3cf34e39827d247fc7ca4918a12e812cd2b33cb48126c36ebcee020088ba54ffdf0bb8600d0c9980c9562df3d72d878c4873ea663bf0115
Score

1^/10
behavioral11
- Target
  
  VwMare/config/scripts/library/utils/bounds.js
- Size
  
  4KB
- MD5
  
  18a5705b19360cc70c7b22fc29a72588
- SHA1
  
  ef40bab11cae7a451927f18e1da528228f12bf91
- SHA256
  
  66b7c38e2cccbf4e9d08c2934775b6a19fb1edc809f5a9a5e5a754595a4a8afd
- SHA512
  
  8dde953d207f1f106e34c2f89b2d0f227fb6284f1f25bc34f536437902e9c8947d4e054a3cdade0ea4c0d8acb7d145c89bc48066bb75bec3e3e991fabf5e567d
- SSDEEP
  
  96:TPCGai2sLFEAMpqPBrLNbnyuRFGpkepkt8DEPPe7uv4n/8:b/aiVCrpqVxbnyurGpDpwPPeym/8
Score

1^/10
behavioral12
- Target
  
  VwMare/config/scripts/library/utils/contentlog.js
- Size
  
  834B
- MD5
  
  9348f7cc4eb61c92c0eb16b281348606
- SHA1
  
  247d3304b5d6c887af6d411561c38df7252b3cc1
- SHA256
  
  13aed2cf70500f626777b261e9e099328e8393d38c00b93de19dd3c703f3a65e
- SHA512
  
  eabe863dc94fef0855ace4abd755e1e15c3b11bae2cd76ba167d53e565560bd704c1c1c93d6ed6844c6088cb2e607676b60244abdcf175dab8fb5f548f0c7b56
Score

1^/10
behavioral13
- Target
  
  VwMare/config/scripts/library/utils/debug.js
- Size
  
  271B
- MD5
  
  493c9fbf8367e1188df8f2fafd7859ed
- SHA1
  
  f8447206242140e2cfe43e70ac6b63561f55734b
- SHA256
  
  c56e4a21381d2889ad69e4a594b02f34943b69d9b0178784840fd7d6dbe683e8
- SHA512
  
  997f0201e74c1b38afa291eca50fff5204f21daf59ba5788bb6bbf9388e888ad6c955441cc08883aa1de1beb6a652c39fd11e92c9ef7e62f99132b7b38502f4c
Score

1^/10
behavioral14
- Target
  
  VwMare/config/scripts/library/utils/index.js
- Size
  
  293B
- MD5
  
  9ab3fc8abb52660275d3487d1ee76f73
- SHA1
  
  0ca5d3d93cdf94fc5951defa4a2229bb84e85f8d
- SHA256
  
  634930570322ecfcf6c64e210ce8a16ed15b599c6a4ac6b73714120699f5f781
- SHA512
  
  977efa5a3b015369f6a0864ae9917ba29399e92daffd0decbf95f667387e88dd71a7026a9c5e03f7a64a297f00e80a672edb85725e36dbfa93fa59f0d3781c74
Score

1^/10
behavioral15
- Target
  
  VwMare/config/scripts/library/utils/multithreading.js
- Size
  
  3KB
- MD5
  
  3b1fa3a67c81261a24ba2d5f795abd1c
- SHA1
  
  078689fa57f89ce0fd59d32489857e71db0da3a4
- SHA256
  
  200ab174e4652a5e0188f4f245db18f4e68976b655c3e22211d5ce8580d62067
- SHA512
  
  92187f8b83d71c85ed2abc9ae82aa686e7b7b94cda1b9f9c181aff56c6f00d0ac2d46997ede62c3100cd9a817f60aa8f21850881eda53f78212b3bfb185e8a75
Score

1^/10
behavioral16
- Target
  
  VwMare/config/scripts/library/utils/rawtext.js
- Size
  
  2KB
- MD5
  
  2474693b6100793cb45856553941be42
- SHA1
  
  ca5b534b662ab061b9ee62421ed61add9ba181fd
- SHA256
  
  63273bd0869e8dab13a38540c56150a4f7adbcb968802d919385b447601002d5
- SHA512
  
  fff77b99d1dad9be1d4a8afd2d5dec1e644277cf791e3d6c5929f6791496ddc70a0d7dcbea7d7874ac131cd4bebf3ede1cac2c7c639399dc77e0c839d450daf5
Score

1^/10
behavioral17
- Target
  
  VwMare/config/scripts/library/utils/scheduling.js
- Size
  
  2KB
- MD5
  
  e995991da33b61f6ad193eda1ea33273
- SHA1
  
  59e12b7df288eb56f283b010f2359f7f65dac04a
- SHA256
  
  9c34b3f9b84d0132980577cdb4f6cf4e842f1014fcc16efa84d80615b506a30c
- SHA512
  
  1132990b2e3356e7a98cdd5240470734f9a28d23690074e1f8d9ddf46ce5921e834b283b560b8dcb8cd0e014ac95bb1be4e290436cfea909d7bab7466f5a49ff
Score

1^/10
behavioral18
- Target
  
  VwMare/config/scripts/library/utils/tickingarea.js
- Size
  
  1KB
- MD5
  
  9102964e659b197c9e3cc6defd9d36f4
- SHA1
  
  0dfe7f7c6841b8fec021c40ada8c34939f29257e
- SHA256
  
  244ede8f0e1fe12ce2a02367556ef637f28e7a90c72886c0acbb81d701879cb6
- SHA512
  
  3a83a99e0d7dad347a560e1f2bd383bcb52b20421a8ba00010b6430c73a45f0a9fe33070d1209c26e7ba4dc17194990f789db59885377dd454983bec64de7c7c
Score

1^/10
behavioral19
- Target
  
  VwMare/config/scripts/library/utils/uniqueId.js
- Size
  
  113B
- MD5
  
  3ed3b00e3c2bc816e9e44f8e0be2b609
- SHA1
  
  e4497962a8febc362d6b7238a40c773c9c862e17
- SHA256
  
  94126651124da03751f4d16033e182bbe9a3aaeec6edaadde428b7ea672e64ad
- SHA512
  
  7d77003680425331f633b54bd9390fa3ca284b12b3f9e33d9174e5b3187be610eb9f126689c26347d1957ac70fae8441ec62c33b08485301dfa9ec657a515c1d
Score

1^/10
behavioral20
- Target
  
  VwMare/config/scripts/library/utils/vector.js
- Size
  
  6KB
- MD5
  
  66e07166d620e33d491add3983cfed6f
- SHA1
  
  e491cb4fd36edae7ccc7da2ed792f0c257ccb800
- SHA256
  
  32e5255aba3246a1866f8b866099d0e9ff6f8a176b0c7ef9b93a2dac850dd2da
- SHA512
  
  74cf667d03dc3b5d27ace2486428207a9f1b412a4f9336690db8d47bbf417c49c42ed73402e0ab7d71450618d368f2c73e861741276bb2efde766d334e44e86b
- SSDEEP
  
  48:YMW+aDrN3QlA168oYKT9Eh2N2BPn9Eo2N2vDon5jE4N2vDodT7k9Cgh5YVCX1d/P:nuDrViuhPKoe5QwJWYVaO9ez
Score

1^/10
behavioral21
- Target
  
  VwMare/config/scripts/server/brushes/base_brush.js
- Size
  
  694B
- MD5
  
  3a6a340f957f3d11a366d7d8cf641f19
- SHA1
  
  223cf5e814ef94ec40da5f0cc7c2b668210fa2ba
- SHA256
  
  db878761de65915a072e89ff9a15a3700fd80fc3f1ecebfba2e65467262830e7
- SHA512
  
  4b96e66c5221dcf23a9c995b4b0ce0848ae8408a5a960cb97f8d5b11d18b796b981edab4d9b49be46cc37cc0a30c7c8200299c5bfb653b13d85bc6d21fef95b9
Score

1^/10
behavioral22
- Target
  
  VwMare/config/scripts/server/brushes/cylinder_brush.js
- Size
  
  2KB
- MD5
  
  a04a717a031dcf4fa46551c366d0506d
- SHA1
  
  22e2b7a4c3dfe12e5913c10e9e62427ce4a94332
- SHA256
  
  246cd2f5f9de88d91e9b7d9156010653b9139ab8ebaa235491db8a233f694f3b
- SHA512
  
  a5edd1b34c3fa1e291359142f1ead35f4342b281c6acc84ef5c8b9e68cbeebd0400eb1c73665b88e14352516c95381c6217ef131a55c6c17bb77267de17b6c58
Score

1^/10
behavioral23
- Target
  
  VwMare/config/scripts/server/brushes/erosion_brush.js
- Size
  
  7KB
- MD5
  
  83fe117dd5c5f8980e5dd7fa2fd7276a
- SHA1
  
  01cb59388659fcdd53681da3bf578294c3973fa4
- SHA256
  
  98b13232e82949c76adfc360e656a3068420e7e9eaba8f78a45b9f46ef187043
- SHA512
  
  422fc3b4316066fa4e7b807d86b59c6a0e73c2f961a1b6452849f56448ca4663b88072c2caae6507747dbd221f4ef478163ee9de94438de3f1332ba4848fa28d
- SSDEEP
  
  96:iiVmi4efbBYYYUc51RK+LOtPDFqr29xOcXqx9R87eZrR87sOHkuABZlUzQo:VZt1F+LOtPDFkOTqx9i7iri7GZl4
Score

1^/10
behavioral24
- Target
  
  VwMare/config/scripts/server/brushes/overlay_brush.js
- Size
  
  3KB
- MD5
  
  98781b2745228cb50a8d5bece5d7ed0b
- SHA1
  
  8320c6df502bf2d3f30e75c49d2fdd9de12cadea
- SHA256
  
  45f44e1145fdb26527699f4e68293483f6cab3b40f35e43dbe9a842d534257e1
- SHA512
  
  ad5cd03036f224ee3838e467521072cea171dee06191323046f41daa9d62df17a0ac3e4dedc799d26d89f65ae32d8b5ac06cfe56dc19662e0f85c3d84da58c8c
Score

1^/10
behavioral25
- Target
  
  VwMare/config/scripts/server/brushes/smooth_brush.js
- Size
  
  2KB
- MD5
  
  ee3ff1f992848c736b39046947d920ab
- SHA1
  
  008d0443a631abf266981069d87dfd5005540d22
- SHA256
  
  c63e8cd4636e71c04613ec62b4ffb0bbcd94b6ca960b2a9008e3bf4d4315706f
- SHA512
  
  8cc10fdc2ea9891931e12ca24a91a3b4e000fed25cb8482dd716f27e2d020a785e3b9acd74e4ffb1204b06c77dd90ea483f1dac45a53d05d4e1009d325c95ae2
Score

1^/10
behavioral26
- Target
  
  VwMare/config/scripts/server/brushes/sphere_brush.js
- Size
  
  1KB
- MD5
  
  8ca75dce3fd2a90ef5d52ef1dac6559c
- SHA1
  
  f7f8ce496379da964440e9aacda73372c36c0f42
- SHA256
  
  8172881a0436fcc837ff69e27b9c28616050f0fd0bbb2cc7d9d9f4af98b166a6
- SHA512
  
  3f405125150b67096d868b3847f9f425aad2cef598203c45dcf09804fbb5ffba9579c59230f54444b4dadc5a0b596bc0f9856ad59ccdd1123d99a4cd6ac4d3ea
Score

1^/10
behavioral27
- Target
  
  VwMare/config/scripts/server/brushes/structure_brush.js
- Size
  
  3KB
- MD5
  
  949c7f583802932dea2ad82ddb7ee864
- SHA1
  
  4d22d2f29894c83a6cda7fada2ac89a0a83ca77e
- SHA256
  
  39e3d9d3617f2926cde06bd63b2c0a49b28d75a61a0396e07acec4675964ea9e
- SHA512
  
  938ff186c00d1032e133decf795e6c6b59bdbf9648461790ff2a2ae7275469bf99590e0dd87ff2c014f3d42b9533889fb714adecb3d52236f86d9d17af699b82
Score

1^/10
behavioral28
- Target
  
  VwMare/config/scripts/server/commands/biome/biomeinfo.js
- Size
  
  2KB
- MD5
  
  9d9e81030dcd104f43e037790e117d62
- SHA1
  
  50804c10688f9bd66328ad4be316d02b6a00426a
- SHA256
  
  a9704ea7a31c01aa182598b7b4ab0db807a7de652e701f888ab489f4a571fef8
- SHA512
  
  a76af9e7019c08fb651c2e6106d81d539135aaa8f952c746b6ee4dd7bcecf7251dd5930521b3ef256ff04f7d9aac57569c89f0ecbe1bc6f854223a57a59bd674
Score

1^/10
behavioral29
- Target
  
  VwMare/config/scripts/server/commands/biome/setbiome.js
- Size
  
  3KB
- MD5
  
  cbbd64a8caf2299fceccae62f31b2062
- SHA1
  
  5a92a6f00acef324dd8ce57ca967548f93cce789
- SHA256
  
  1f6cb6bfbd7e9489430c35c50d59e6a3242faabb80e2942ab510774a80b4fbe7
- SHA512
  
  7099bfce11ae3179cdb2c9cc76fbcf3d6263a0fbd260c3e9de6ebecb3183367d34b9cc2cf36f4e137b6c0f3e6d8bed48011ac0055a90558bbef32f4039ba1aaf
Score

1^/10
behavioral30
- Target
  
  VwMare/config/scripts/server/commands/brush/brush.js
- Size
  
  9KB
- MD5
  
  be02748a7ad06b6576fa9744026a689e
- SHA1
  
  ba8751f7abb22023df0305ae702be1af5aa0b005
- SHA256
  
  c01117f81850337557095c22d6e79a363e44685a58f9cfb78cd449e126daf18e
- SHA512
  
  7f56b0d73d70d538bd3f66a69ee17acd919525a0d72f31146fa90f5d7be5516968707500bc0fe8c8650633ad5a11b79fe91b3af99f008f8427ec4b96a8b78c05
- SSDEEP
  
  192:1MiUNoDUAqbVAWUBGrdH3Sj6SxV3061LSu639GT8:1Miz0SjpJ6d
Score

1^/10
behavioral31
- Target
  
  VwMare/config/scripts/server/commands/brush/mask.js
- Size
  
  804B
- MD5
  
  b0cf5cb0be302babf0f7b0d80b5574ee
- SHA1
  
  36c14320bf936e6a2e20b3271765bec3454a567f
- SHA256
  
  f6c4cc6cc1b2b867e9fc5e9374efc9ac684f8b34bf324bfc3ac21bfc499a81c4
- SHA512
  
  794027ebd8857c2420fe6d04802e227846ee081bb3a69ffc26e20c100ff4c92683410e3e3064baff8d9ca00acf841089828836b53930505aba3fdcdc0f797d99
Score

1^/10
behavioral32

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Extracted

Targets

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32