Umbral-cleaned[.]exe | Triage

Resubmissions

01/06/2023, 02:21

230601-ctaq9sca87 3

01/06/2023, 02:20

230601-csyfyaca86 3

Sharing

Copy URL Twitter E-mail

General

Target

Umbral-cleaned.exe
Size

223KB
MD5

ebc2bc1a24de8f9c246b8f78d3bf1ddd
SHA1

ec406fcacdbe1bd9bfc216e6585cdda19bc2e70c
SHA256

dfd4dcb0dcd8ce5204a15f89ab9c986ac269c43173155764502a76acc93de807
SHA512

dc3f30f40b58c0edce48d746eeb5a7c4f6b2404addf9f9bc9970fc3bac4dea0eb9f5a432165a31c2f949f803b5aae296247d0c212b5f4478974f450ae0428df1
SSDEEP

3072:HozhYc2Sayh60Ln3lekZqb+0WiBGtdnu1LL+CivmNbuDSEcCep/toYXjcGTSY4Us:Hoqccd0L/MXBGtY1/XlsD7fep/tDpS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Umbral-cleaned.exe

Files

Umbral-cleaned.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 221KB - Virtual size: 220KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 864B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ