umbral | 20367536f2263f53c3a52f574cbe883e539c7b2fb6cf344c8e1c9f6ed69c8c6c | Triage

Submit
Reports

Overview

overview

Static

static

3

svchost.exe

windows10-2004-x64

Sharing

General

Target

svchost.exe
Size

603KB
Sample

250219-svpvkstlbw
MD5

cbde7887e32b1c0837b4f5feaccfd19a
SHA1

979443ec0ee69c4aa59ba87b7fe631f733f39a68
SHA256

20367536f2263f53c3a52f574cbe883e539c7b2fb6cf344c8e1c9f6ed69c8c6c
SHA512

a8dbf07713cb6773df248f13b387f9edca8083a4f838b82fbfb571a107cd28125138174192f1dd5fa3dce3ed64cfcbb1ae5be1d96a55261b8621005012f050f8
SSDEEP

12288:5LQcwNyJ6oF2FqYTchKt8RjIxEWhD8Tr+38DijMCsiHzBQ:5LGNumChKt8RjOEE8Tr+32yFQ

Score

10^/10

umbral discovery stealer

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

svchost.exe

Resource

win10v2004-20250217-en

umbral discovery stealer

windows10-2004-x64

16 signatures

150 seconds

Malware Config

Targets

- Target
  
  svchost.exe
- Size
  
  603KB
- MD5
  
  cbde7887e32b1c0837b4f5feaccfd19a
- SHA1
  
  979443ec0ee69c4aa59ba87b7fe631f733f39a68
- SHA256
  
  20367536f2263f53c3a52f574cbe883e539c7b2fb6cf344c8e1c9f6ed69c8c6c
- SHA512
  
  a8dbf07713cb6773df248f13b387f9edca8083a4f838b82fbfb571a107cd28125138174192f1dd5fa3dce3ed64cfcbb1ae5be1d96a55261b8621005012f050f8
- SSDEEP
  
  12288:5LQcwNyJ6oF2FqYTchKt8RjIxEWhD8Tr+38DijMCsiHzBQ:5LGNumChKt8RjOEE8Tr+32yFQ
Score

10^/10

umbral discovery stealer
- Detect Umbral payload
- Umbral
  Umbral stealer is an opensource moduler stealer written in C#.
  stealer umbral
- Umbral family
  umbral
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

umbraldiscoverystealer

© 2018-2025

Terms | Privacy