Umbral[.]exe | Triage

Resubmissions

04/06/2023, 10:12

230604-l8t8wsbh35 6

04/06/2023, 10:05

230604-l4yqhscd7w 3

Sharing

Copy URL Twitter E-mail

General

Target

Umbral.exe
Size

229KB
MD5

4a5c7a582170a0828f3a9fbbea16098b
SHA1

1ca1b82410195ca8bef6bd45c774313dc4b93f39
SHA256

bef4242e4d87219f42ffe28e6290a576b83670f6ad7fd9b00e3c160abedf5e87
SHA512

6c8354350b29b616b8d048feed0fdd1213fd36a96a4551a1c2642006731f2f6bb69839e2508cee8c43b7ee396b30ba93ad6fd1ffab287aecbeb9fee2f9f10fad
SSDEEP

6144:9loZM+rIkd8g+EtXHkv/iD4H+SprRiK1rwBzOur8Ib8e1mUVi:foZtL+EP8H+SprRiK1rwBzOurV4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Umbral.exe

Files

Umbral.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 227KB - Virtual size: 226KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ