Static task
static1
General
Target: Umbral.payload.exe
Size: 3.9MB
MD5: 88bc97d3ce48cd5aed088e81425e6eca
SHA1: d3ea5187b3e9c7728c30250f293cf237c7232fc5
SHA256: ced2d0cb9c1fd599933d18d71d0162588520dc0c4f5cf596ce7a4fa145fa7102
SHA512: 68545d575f5aa74d55cbd6d931da3ba3e500c02239bfef62087ae15d55d58a13c7c8e5f107be38fd5b4432737d081ce51a6f4d8812a1b561cc70003f9866e3b1
SSDEEP: 98304:JUcwti78OqJ7TPBVYVrsk9N8ivyhAdsPSQxokqXf0FmmeK7Vgd:JUcwti7TQlyVN8iNISzkSIgK76
Malware Config
Signatures
Files
Umbral.payload.exe.exe windows x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 3.9MB - Virtual size: 3.9MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ