General

  • Target: WheatEngine.zip
  • Size: 127KB
  • MD5: e6e09967547c68263304a145968261f2
  • SHA1: 9bdd4723986987d50165739f74b5fbb53ecc5ab6
  • SHA256: 0062b0beca2ac3cab8bdeb8db133c4d527cf2b5b1641e7313a911d77aca77787
  • SHA512: e08c38b505712e48ccda5f1fa7a479418046d4f79213877f5617b518279ab18fa0378d0968fd3a223ed54a9d9fd1f28f7ab3471fd1dd11d61d772f9be0877926
  • SSDEEP: 3072:Eqc0KKUjEIATqpmZAhJFsPyNw4N30dzl61SWoJTkU:E5KUjEIV0Z9yNwa3gzM1SWoBkU

Score: 10/10

Malware Config (Extracted)

  • Family: umbral
  • C2: https://canary.discord.com/api/webhooks/1172682479925211166/fNObiYsvVWaiyhDTsjUjsr6ocoSGjGvcdEU8FCCT5VkNtN8ANc1ue7Yhp_7qf8h4xaLR

Signatures

  • Detect Umbral payload (1 IoC)
  • Umbral family
  • Unsigned PE (1 IoC): checks for a missing Authenticode signature.

Files

  • WheatEngine.zip (.zip)
  • WheatEngine/README.txt
  • WheatEngine/Wheat.exe (.exe, windows:4, windows x86)
    f34d5f2d4577ed6d9ceec516c1f5a744
