General
Static task
static1
URLScan task
urlscan1
Malware Config
Extracted
Family
umbral
C2
https://discord.com/api/webhooks/1080132753695182890/OM88z5U1CQlUDMQ1n3UcwRfJ2sRQBlvT6lYXqOseT-tGSfD3DocUvIPJtq9zz0WItMTc
Targets
-
-
Target
https://mega.nz/file/YOdhHAIY#jTm_5DeoMeP7VUQ0n2dVUwp34y2nBaRFF3d25T8MZis
-
Detect Umbral payload
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-