umbral | 3836777928625a4b88e3a9b60d4b2183993ced6aeed370c907f97ffddda81756 | Triage

Submit
Reports

Overview

overview

Static

static

1

DDOS.rar

windows10-2004-x64

Sharing

General

Target

DDOS.rar
Size

80KB
Sample

250325-111g9sxjv3
MD5

665e2b88cbb4f2d6619cf310efa9a718
SHA1

33ee13b7e69a9ed7668a9d95bf6eaea174e81433
SHA256

3836777928625a4b88e3a9b60d4b2183993ced6aeed370c907f97ffddda81756
SHA512

6f0a9e0126c74cec489cdd32153b3fc30b587e3b968496fedabaa438a3fc011a3bcace23744b58c3828c56c7e0164fb646611d723d309b46324b6a4228b474a4
SSDEEP

1536:999Hi0aFLF72eqD5bC699r9FfTK4LsiQaQAVkj8hdWxu5s8p4G/D0yC/qBI:dHi0aF8HD5bC699r3BtQUkjG2uS8aG/U

Score

10^/10

umbral stealer

Static task

static1

Behavioral task

behavioral1

Sample

DDOS.rar

Resource

win10v2004-20250314-en

windows10-2004-x64

9 signatures

150 seconds

Malware Config

Extracted

Family

umbral

C2

https://discord.com/api/webhooks/1350423646270787686/H1DtvzV7Pf4VsZw447YSDqIQOVcS2sloH6hasKgLYzVDxsMia1gykUN-r3LqpFFmGFEY

Targets

- Target
  
  DDOS.rar
- Size
  
  80KB
- MD5
  
  665e2b88cbb4f2d6619cf310efa9a718
- SHA1
  
  33ee13b7e69a9ed7668a9d95bf6eaea174e81433
- SHA256
  
  3836777928625a4b88e3a9b60d4b2183993ced6aeed370c907f97ffddda81756
- SHA512
  
  6f0a9e0126c74cec489cdd32153b3fc30b587e3b968496fedabaa438a3fc011a3bcace23744b58c3828c56c7e0164fb646611d723d309b46324b6a4228b474a4
- SSDEEP
  
  1536:999Hi0aFLF72eqD5bC699r9FfTK4LsiQaQAVkj8hdWxu5s8p4G/D0yC/qBI:dHi0aF8HD5bC699r3BtQUkjG2uS8aG/U
Score

10^/10

umbral stealer
- Detect Umbral payload
- Umbral
  Umbral stealer is an opensource moduler stealer written in C#.
  stealer umbral
- Umbral family
  umbral
- Executes dropped EXE
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
behavioral1

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

© 2018-2025

Terms | Privacy