umbral | 6b38b27adbd76a7615d4f847603272918892835aef5339db8536940aab31532b | Triage

Submit
Reports

Overview

overview

Static

static

1

solara update.bat

windows11-21h2-x64

Sharing

General

Target

solara update.bat
Size

696B
Sample

250324-k1wlbavygv
MD5

e53d059e74af5964cd9fcc1990fe20ed
SHA1

b8b2f31a75e0b01e9b8a0b20865d1a620a67953d
SHA256

6b38b27adbd76a7615d4f847603272918892835aef5339db8536940aab31532b
SHA512

c327f797b0eabbc152b5f0431fad1b89c150e65a5f047ba9e3e01ac759aaeab1c9a759cab159d42429bae656eda6c8ef95d466c39d3f982ec0549f12f02aead3

Score

10^/10

umbral stealer

Static task

static1

Behavioral task

behavioral1

Sample

solara update.bat

Resource

win11-20250313-en

windows11-21h2-x64

11 signatures

150 seconds

Malware Config

Extracted

Family

umbral

C2

https://discord.com/api/webhooks/1353647650406273086/8GnnMeDUTZK-6-j9EDZvfKzIJyfKeVtDQ5So4SbcZVbnlHXY3xScnbsdQlsZvj11NCJ3

Targets

- Target
  
  solara update.bat
- Size
  
  696B
- MD5
  
  e53d059e74af5964cd9fcc1990fe20ed
- SHA1
  
  b8b2f31a75e0b01e9b8a0b20865d1a620a67953d
- SHA256
  
  6b38b27adbd76a7615d4f847603272918892835aef5339db8536940aab31532b
- SHA512
  
  c327f797b0eabbc152b5f0431fad1b89c150e65a5f047ba9e3e01ac759aaeab1c9a759cab159d42429bae656eda6c8ef95d466c39d3f982ec0549f12f02aead3
Score

10^/10

umbral stealer
- Detect Umbral payload
- Umbral
  Umbral stealer is an opensource moduler stealer written in C#.
  stealer umbral
- Umbral family
  umbral
- Downloads MZ/PE file
- Executes dropped EXE
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
behavioral1

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

© 2018-2025

Terms | Privacy