General

  • Target

    ZCCT.xlsx.exe

  • Size

    287KB

  • MD5

    828ec9e9d1fd89c29c09523f4553cf5b

  • SHA1

    c07d1c3695bde351f14cf610e6237877b02d5cec

  • SHA256

    d3492c1347976ac6e6cef64371d97351ec97ad8bac67d14d4be42bff471dc064

  • SHA512

    16d89e6c48e2d25598ad203a9b2810d514a72e0c5daf2aa9af45b556691161d427c73653158cd75b00698fb8dffde728fa643c1102b9f8fb181aa5f47120e1ee

  • SSDEEP

    6144:oloZM+rIkd8g+EtXHkv/iD4bTdZ1P8e1mFRAi/:2oZtL+EP8bT9K

Score
10/10

Malware Config

Extracted

Family

umbral

C2

https://discord.com/api/webhooks/1153056107867164752/tRuN1HzDWrxnDeJOXWa-NtAfRVdka8UNdyoIo4-qrYXI_C1XFMggkrLEFyTkoagsN9jt

Signatures

  • Detect Umbral payload 1 IoCs
  • Umbral family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • ZCCT.xlsx.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744
