Umbral[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

Umbral.exe
Size

175KB
MD5

2bf5704bdc0fcde6f34aa5be9b36eb63
SHA1

b5d1867df200553013c790ec9c1c520c9b4fd708
SHA256

396522966a71f86a5b55cda06034e3f298f625791a2c8f35854c14ae97b02b46
SHA512

4177222d5c21b8f55d706307c39572118e2a77ae54d375c7e52a8a593720b55bf077cf19608e2fbd1cc5a0d2547d7732cad76966f853d693186c72ce7ba01c5d
SSDEEP

3072:/+INQJrRovRauHPnc1co5DZcoxuqu8NNNENWWWDbJrYuHVb/YoAeX90xeC:/sovA1jbFYuJR01

Score

1^/10

Malware Config

Signatures

Files

Umbral.exe
.exe windows x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

.text
Size: 174KB - Virtual size: 173KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 864B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ