Umbral-cleaned[.]exe | Triage

Resubmissions

02/06/2023, 05:35

230602-f93zjaaa22 3

02/06/2023, 05:33

230602-f84jnshh98 7

02/06/2023, 05:31

230602-f737hsad3z 7

02/06/2023, 05:30

230602-f7c1bshh93 7

01/06/2023, 02:23

230601-cvdvbaca88 7

Sharing

Copy URL Twitter E-mail

General

Target

Umbral-cleaned.exe
Size

211KB
MD5

c5887041b43eb792715435477e281213
SHA1

201e476465e4bbaba060a09df91fd283989a85db
SHA256

625f9ce7762b274fec39ce6c0d82bd5ad3b63809e0354a42c58aa55edae38baa
SHA512

6653538f54d9b804f11119cd7f7ed23b212599b2bdac81a6dc2b381d704b0f9ead59ae666ba4adef63dd42e57eca4d6eb5ea58e3b1a79d25efe749e1408e6023
SSDEEP

3072:a8yhpLJ/15UAHmnUOYoz7jm1r5wpS295OjmtHStw6x2zYtiPcUFK6YjFjA+vS88z:a8y/JHeJS1rF7UIpjA+l8eNYnCL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Umbral-cleaned.exe

Files

Umbral-cleaned.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 209KB - Virtual size: 208KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 864B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ