General
-
Target
spoofer.exe
-
Size
227KB
-
MD5
71fdaa3ec1242e7643807ade78ae0c8b
-
SHA1
307ddc6e4a768069e726fd4bb1c21d1a8a3dcc7e
-
SHA256
c19c1b9db038d843ea040fdd1e0ef430258479b88da3db295d82ad5ede7d54fd
-
SHA512
ab43150a6ba2caf3e81212a840e05a6b6b95762ed2ba8234411beeeaf564a5512cc46d25c3fedc154fbe259f3ad113539861cb98b91e1caaa2fd43863a34a877
-
SSDEEP
6144:eloZM+rIkd8g+EtXHkv/iD4SDD6hv0IHL2PxM4dCCb8e1m4i:IoZtL+EP8SDD6hv0IHL2PxM4d5G
Score
10/10
Malware Config
Extracted
Family
umbral
C2
https://discord.com/api/webhooks/1210733110031810621/r_rZtQEleKzMn7aZM0D--g5JiVRm4WDTbyFH3LcUJ4FO1AOmo9ETESvufAm_n5auQ799
Signatures
-
Detect Umbral payload 1 IoCs
-
Umbral family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
spoofer.exe
Password: San10
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections