General
-
Target
rc7.exe
-
Size
235KB
-
MD5
fa5aa7c2bfbc245ebee8440c1b3defe4
-
SHA1
20ecd06fbedbb5bdd5f4e2f52d73009e046cc86a
-
SHA256
e9a5a1a833ca3d4c9cb4ffbc3df56b9afca877820407075819ffd44935220728
-
SHA512
415f11596e8e4f821be610beb75142597c324a1c600f6993aa21a64280e7333996eebea7ff308eb0aa4da44ab53d6b4bdf53fef2755924c1c4fcf5dfbf742371
-
SSDEEP
6144:BloZM+rIkd8g+EtXHkv/iD4y7IRbhS6FuAxDeebrtb8e1mM0Ii:zoZtL+EP8y7IRbhS6FuAxDeebBMx
Score
10/10
Malware Config
Extracted
Family
umbral
C2
https://discord.com/api/webhooks/1116068562331783239/pYoaRGQQxDu5yiFXO2V5FPx73m7R_kaS0Cek299-LGzPb6VbPbNaNC_E2cz8c8d982zw
Signatures
-
Detect Umbral payload 1 IoCs
-
Umbral family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
rc7.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections