Overview

overview

10

Static

static

10

owo huntbot.exe

windows7-x64

10

owo huntbot.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    owo_huntbot.rar

  • Size

    89KB

  • Sample

    240704-qaeg1azand

  • MD5

    550425a30f0b1edc726c18c3f0f0363b

  • SHA1

    daeee551b9689ab716bbc6c903b236fcbc559e8e

  • SHA256

    a0b1850a85ac0daf903f13a719423de6a27dd8a06f350ab5e339473e0dc9bf71

  • SHA512

    11d4ebf1e7d3999f3a799f9e293cfbf4ad5f64e2789e918e186899b32de7409e99dba2e1362a584c88a8339dc95f6c404864ece990c70930d19280e2646d5318

  • SSDEEP

    1536:DHyhpPPU/GVf5wtlp+L2k6VaTBb7wP1Y6siPBHU7YKEHab9+fIWudyzmjxszDv0i:D8oGR5wtAZ64Vbq5hPe7uHu+UGmlOv0i

Score
10/10
umbralstealer

Malware Config

Extracted

Family

umbral

C2

https://discord.com/api/webhooks/1235634147129692262/ObP_Z-hBmM35S4-i4cnJTRVS17jaNnTGd1ymfWSoZcBwM-ytBOhE6NKDY7eTsJpF0hgY

Targets

    • Target

      owo huntbot.exe

    • Size

      244KB

    • MD5

      8bb9018e6293c3eb4c78f2d520b9e864

    • SHA1

      2597e4371b9a7e78030cfb96ac2a264ad91d2c4d

    • SHA256

      73dea80ba33a377e08706a9e35254ecb0d20da9f34edbca5523c71a5e9c9bf23

    • SHA512

      08a57c7ba8e389a9e98c5f3b745eb6514ff6d7a1b86bdf7836ff0c41f9c0e82038487eb7116f8b9a6bc235bbbe29d6eb5540cebf4a3904d3a6fe34766985876d

    • SSDEEP

      6144:NloZM+rIkd8g+EtXHkv/iD4K2secjfUT1gevPeQRx6lm8e1mKsiDKeS:PoZtL+EP8HsecjfUT1gevPe/unlD9S

    Score
    10/10
    umbralstealer

    • Detect Umbral payload

    • Umbral

      Umbral stealer is an opensource moduler stealer written in C#.

      stealerumbral
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

3
T1012

System Information Discovery

2
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks