General
-
Target
payload.exe
-
Size
226KB
-
MD5
c7b0bf5c137eb3a501094638b9318933
-
SHA1
230e462cbcf038e8f692286f3c660815d49c8e14
-
SHA256
39f9bb3017c4439683731bb4c4931a955696de15efab8b05cad4c2142d51e376
-
SHA512
7d3dd963dfba5bef0a9ece912a34b89ac43b1647c0ae60f3ec2034d8b2b395fef76743e72bcb9726b512fc10f88f04d46d2851e53cdaa74adcb65ffc2a16d2a5
-
SSDEEP
6144:+loZM+rIkd8g+EtXHkv/iD4n6rk/1+mplsl3ySX6Eb8e1maic:ooZtL+EP8n6rk/1+mplsl3ySX30c
Score
10/10
Malware Config
Extracted
Family
umbral
C2
https://discord.com/api/webhooks/1143115606330200074/pyKgc8H0hMiolN7TnRv_a5UZxMEV9hMyMPcyMEE79xLCjkKRbFA2ce8qYJuxmfb_M-83
Signatures
-
Detect Umbral payload 1 IoCs
-
Umbral family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
payload.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections