General
-
Target
Umbral.exe
-
Size
231KB
-
MD5
24a8f91902c7af34071b1f843bee6b56
-
SHA1
2b2bf367c47e11277766b5ac8c80ecbb75966b29
-
SHA256
b3ae664a5ff979c45c5a78cb506f61f4073f33b9d72c4db82ff395b4a3dcfc9f
-
SHA512
60ca4cfbb90254d00ed5bc15d105ea4e3b6f426c95c65855636dabe738a5e4f026b7eab1ffc5f31178dbd3ff34d26f3d4a634a2e64b222a540f01a4bf243fc16
-
SSDEEP
6144:xloZM+rIkd8g+EtXHkv/iD4plbJ8il92iDe8NhoV5tB48e1mFEi:DoZtL+EP87bJ8il92iDe8NhoNAY
Score
10/10
Malware Config
Extracted
Family
umbral
C2
https://discord.com/api/webhooks/1208849029887426590/bz0f4dkckByrsaOSzlxmDV7s4IuQ4t1yLw5jBVZ1Vr7G3ix2nLgZS0fOLRtAKdWnqpY1
Signatures
-
Detect Umbral payload 1 IoCs
-
Umbral family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
Umbral.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections