General
-
Target
NEAS.02ca3b79c12ed28ec6eb5410b20c5df0_JC.exe
-
Size
293KB
-
MD5
02ca3b79c12ed28ec6eb5410b20c5df0
-
SHA1
3a97a86b041e37414072174d7b6707a0f52f2ff5
-
SHA256
d8a3a182fcd2773594f2055d1f54c7e558510d6a0a372ff7f721d360425aef90
-
SHA512
5fb4a458e2e30fdf86d8d0d73a88a38d757771bf5331c3cba83bf49ada625513d9bf8bd72131211eeb652d08cc206a79660a676036586650ceaa9629f02ef40f
-
SSDEEP
6144:GloZM+rIkd8g+EtXHkv/iD44FuHhv0IHB2PxM4d90b8e1mXi:woZtL+EP84FuHhv0IHB2PxM4deJ
Score
10/10
Malware Config
Extracted
Family
umbral
C2
https://discord.com/api/webhooks/1160195270143922249/U-QcJo4LI46aV5JRsndz6oDyFHGQTTgcScceb4ejQXcwyD4rbQm3BE8aVLrnOVnDZbKr
Signatures
-
Detect Umbral payload 1 IoCs
-
Umbral family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
NEAS.02ca3b79c12ed28ec6eb5410b20c5df0_JC.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections